[KIS-2013-01] DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability

2013-01-29 Thread Egidio Romano
/2013] – CVE number requested [21/01/2013] – CVE number assigned [28/01/2013] – Public disclosure • CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-1412 to this vulnerability. • Credits: Vulnerability discovered by Egidio Romano

[KIS-2013-03] Joomla! <= 3.0.2 (highlight.php) PHP Object Injection Vulnerability

2013-02-28 Thread Egidio Romano
: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-03

[KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability

2013-04-29 Thread Egidio Romano
Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3242 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-04

[KIS-2013-05] vtiger CRM <= 5.4.0 (customerportal.php) Two Local File Inclusion Vulnerabilities

2013-08-01 Thread Egidio Romano
] - CVE number requested [20/04/2013] - CVE number assigned [01/08/2013] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3212 to these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano

[KIS-2013-07] vtiger CRM <= 5.4.0 (vtigerolservice.php) PHP Code Injection Vulnerability

2013-08-01 Thread Egidio Romano
[-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3214 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-07

[KIS-2013-08] vtiger CRM <= 5.4.0 (SOAP Services) Authentication Bypass Vulnerability

2013-08-01 Thread Egidio Romano
/2013] - CVE number requested [20/04/2013] - CVE number assigned [01/08/2013] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3215 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano

[KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability

2013-10-07 Thread Egidio Romano
project (cve.mitre.org) has assigned the name CVE-2013-3528 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-09

[KIS-2013-10] openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability

2013-12-08 Thread Egidio Romano
discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2013-10

[KIS-2014-05] Dotclear <= 2.6.2 (XML-RPC Interface) Authentication Bypass Vulnerability

2014-05-22 Thread Egidio Romano
: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3781 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-05

[KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability

2014-05-22 Thread Egidio Romano
: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-06

[KIS-2014-07] Dotclear <= 2.6.2 (categories.php) SQL Injection Vulnerability

2014-05-22 Thread Egidio Romano
: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3783 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-07

[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability

2014-07-14 Thread Egidio Romano
Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3990 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-08

[KIS-2014-09] X2Engine <= 4.1.7 (SiteController.php) PHP Object Injection Vulnerability

2014-09-24 Thread Egidio Romano
] - CVE number assigned [05/09/2014] - Version 4.2 released [23/09/2014] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-5297 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano

[KIS-2014-10] X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability

2014-09-24 Thread Egidio Romano
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-5298 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-10

[KIS-2014-11] TestLink <= 1.9.12 (execSetResults.php) PHP Object Injection Vulnerability

2014-10-24 Thread Egidio Romano
Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-8081 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-11

[KIS-2014-12] TestLink <= 1.9.12 (database.class.php) Path Disclosure Weakness

2014-10-24 Thread Egidio Romano
: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-12

[KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability

2014-11-27 Thread Egidio Romano
/2014] - CVE number assigned [13/11/2014] - Version 7.7 released [27/11/2014] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-8791 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio

[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability

2014-12-31 Thread Egidio Romano
: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-14

[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability

2014-12-31 Thread Egidio Romano
requested [11/10/2014] - CVE number assigned [31/12/2014] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-8084 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original

[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability

2014-12-31 Thread Egidio Romano
and Exposures project (cve.mitre.org) has assigned the name CVE-2014-8085 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-16

[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability

2014-12-31 Thread Egidio Romano
: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-18

[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability

2014-12-31 Thread Egidio Romano
by Egidio Romano, Secunia Research. [-] Original Advisory: http://karmainsecurity.com/KIS-2014-19

[KIS-2015-01] Concrete5 <= 5.7.3.1 (sendmail) Remote Code Execution Vulnerability

2015-06-11 Thread Egidio Romano
. [-] Credits: Vulnerability discovered by Egidio Romano of Minded Security. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-01 [-] Other References: https://hackerone.com/reports/59663

[KIS-2015-02] Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities

2015-06-11 Thread Egidio Romano
Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a name to these vulnerabilities yet. [-] Credits: Vulnerabilities discovered by Egidio Romano of Minded Security. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-02 [-] Other References: https://hackerone.com/reports

[KIS-2015-03] Concrete5 <= 5.7.4 (Access.php) SQL Injection Vulnerability

2015-06-11 Thread Egidio Romano
[-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a name to this vulnerability yet. [-] Credits: Vulnerability discovered by Egidio Romano of Minded Security. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-03 [-] Other

[KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability

2015-11-05 Thread Egidio Romano
5] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-7712 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-08

[KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability

2015-11-05 Thread Egidio Romano
ned the name CVE-2015-7711 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-07

[KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability

2015-11-05 Thread Egidio Romano
ic disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-7815 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-09

[KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability

2015-11-05 Thread Egidio Romano
CVE number requested [14/10/2015] - CVE number assigned [22/10/2015] - Version 2.15.0 released: https://piwik.org/changelog/piwik-2-15-0 [04/11/2015] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-7816 to th

[KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability

2015-11-05 Thread Egidio Romano
CVE-2014-9752 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-05

[KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability

2015-11-05 Thread Egidio Romano
disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-9753 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-06

[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability

2015-09-11 Thread Egidio Romano
lic disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-6497 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano of Minded Security. [-] Original Advisory: http://karmainsecurity.com/KIS-2015-04

[KIS-2016-05] SugarCRM <= 6.5.18 Two PHP Code Injection Vulnerabilities

2016-06-24 Thread Egidio Romano
osures project (cve.mitre.org) has not assigned a CVE identifier for these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-05

[KIS-2016-04] SugarCRM <= 6.5.18 Missing Authorization Check Vulnerabilities

2016-06-24 Thread Egidio Romano
lnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-04

[KIS-2016-06] SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability

2016-06-24 Thread Egidio Romano
ion 6.5.19 CE released: http://bit.do/sugar6519 [29/04/2015] - CVE number requested [23/06/2016] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability

[KIS-2016-07] SugarCRM <= 6.5.23 (SugarRestSerialize.php) PHP Object Injection Vulnerability

2016-06-24 Thread Egidio Romano
vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-07

[KIS-2016-01] CakePHP <= 3.2.0 "_method" CSRF Protection Bypass Vulnerability

2016-01-15 Thread Egidio Romano
ated [01/12/2015] - CVE number requested [01/12/2015] - CVE number assigned [12/01/2016] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2015-8379 to this vulnerability. [-] Credits: Vulnerability discovered b

[KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability

2016-02-24 Thread Egidio Romano
- CVE number assigned [12/02/2016] - Bug bounty received [23/02/2016] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2016-2212 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-02

[KIS-2016-08] Concrete5 <= 5.7.3.1 Multiple Cross-Site Request Forgeries Vulnerabilities

2016-06-28 Thread Egidio Romano
nce: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-08 [-] Other References: https://hackerone.

[KIS-2016-09] Concrete5 <= 5.7.3.1 Multiple Stored Cross-Site Scripting Vulnerabilities

2016-06-28 Thread Egidio Romano
" page. [-] Solution: Update to a fixed version. [-] Disclosure Timeline: [05/05/2015] - Vulnerabilities details sent through HackerOne [02/10/2015] - CVE number requested [28/12/2015] - Vendor said the vulnerabilities should be fixed in the upstream [26/06/2016] - Vulnerabilities publicly disclosed on HackerOne [28/06/2016] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for these vulnerabilities. [-] Credits: Vulnerabilities discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-09 [-] Other References: https://hackerone.com/reports/59662

[KIS-2016-10] Concrete5 <= 5.7.3.1 (Application::dispatch) Local File Inclusion Vulnerability

2016-06-28 Thread Egidio Romano
The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-10 [-] Other References: https://hackerone.com/reports/59665

[KIS-2016-11] IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability

2016-07-08 Thread Egidio Romano
tre.org) has assigned the name CVE-2016-6174 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2016-11

[KIS-2018-05] SugarCRM (SaveDropDown) PHP Code Injection Vulnerability

2018-12-31 Thread Egidio Romano
[-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2018-05 [-] Other References: https

[KIS-2018-03] SugarCRM (portal_get_related_notes) SQL Injection Vulnerability

2018-12-31 Thread Egidio Romano
t assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2018-03 [-] Other References: https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2018-003/

[KIS-2018-04] SugarCRM (ConnectorsController) Server-Side Request Forgery Vulnerability

2018-12-31 Thread Egidio Romano
018] - Fixed versions released and security advisory published [31/12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio R

[KIS-2018-02] SugarCRM (WorkFlow module) PHP Code Injection Vulnerability

2018-12-31 Thread Egidio Romano
ublication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2018-02 [-] Other

[KIS-2018-07] SugarCRM (Web Logic Hooks module) PHP Code Injection Vulnerability

2018-12-31 Thread Egidio Romano
31/12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/K

[KIS-2018-08] SugarCRM (Web Logic Hooks module) Path Traversal Vulnerability

2018-12-31 Thread Egidio Romano
published [31/12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainse

[KIS-2018-06] SugarCRM (addLabels) PHP Code Injection Vulnerability

2018-12-31 Thread Egidio Romano
31/12/2018] - Publication of this advisory [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has not assigned a CVE identifier for this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/K

[KIS-2018-01] Oracle Application Express (AnyChart) Flash-based Cross-Site Scripting Vulnerability

2018-12-31 Thread Egidio Romano
16/01/2018] - Oracle fixed the issue in the January Critical Patch Update (CPU) [31/12/2018] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2018-2699 to this vulnerability. [-] Credits: Vulnerability discove