2012
| Synology : Simple user can download all syno fs | Soon |
| Synology : DOS on syno via a crafted url | Soon |
| Synology : Anonymous users can get files on syno | Soon |
| Owncloud : Code execution | Securityfocus |
| Owncloud : Authentication bypass | Securityfocus |
| Owncloud : Cross-Site Scripting Vulnerabilities | Securityfocus |
| openupload : Cross-Site Scripting and Arbitrary Code Execution Vulnerabilities | Securityfocus |
2010
| Hastymail Webmail: XSS in E-mail | Not publish |
| Artica : File open, SQL Injection, XSS | Secunia |
| Ajaxplorer : Code exe, Open local file, Cross Site scripting | SecurityFocus |
| Syncrify (Reset admin password / open local directory in anonymous / Open local file) | SecurityFocus |
2009
| Roundcube : Email body javascript insertion | SecurityFocus |
| TrendMicro : Elevate privileges | SecurityFocus |
| Atmail :Email body script insertion vulnerability | Secunia |
| Zarafa : DOS, get session | Not published |
| Centreon : Anonymous remote code exec | SecurityFocus |
2008
| XSS + SQL Injection + System injection on Olfeo < 4.0 (filtering solution) | Not published |
| Centreon : ‘color_picker.php’ Multiple Cross-Site Scripting Vulnerabilities | SecurityFocus |
| Centreon : ‘get_image.php’ Local File Include Vulnerability | SecurityFocus |
| Centreon : Include Vulnerability | SecurityFocus |
| SAN RAIDSONIC : Javascript Injection in FTP logs | SecurityFocus |
| SAN RAIDSONIC : ByPass Authentification | SecurityFocus |
| SPIP : Blind SQL Injection | SecurityFocus |
2007
| Présentation de revhosts au SSTIC | |
| MoinMoin : Index.PHP Cross-Site Scripting Vulnerability | SecurityFocus |
| SNMPC : Username/Password Remote Denial of Service Vulnerability | SecurityFocus |
2006
| Cerberus Helpdesk : Spellwin.PHP Cross-Site Scripting Vulnerability | SecurityFocus |