| • CVE-2018-13135. Joomla! Proclaim CSRF Vulnerability. | Link |
| • FG-VD-20-082. Nextcloud Cross-Site Scripting Vulnerability. | Unpatched |
| • FG-VD-20-081. Nextcloud Metadata Cross-Site Scripting Vulnerability. | Unpatched |
| • FG-VD-20-044. WordPress Plugin Elementor Page Builder Cross-Site Scripting Vulnerability. | Unpatched |
| • FG-VD-19-160. WordPress Cross-Site Scripting Vulnerability. | Unpatched |
| • FG-VD-19-144. Apache Solr Cross-Site Scripting Vulnerability. | Unpatched |
| • FG-VD-19-137. VMWare.com Subdomain Takeover Vulnerability | Patched |
| • FG-VD-19-037. ERPNext SQL Injection Vulnerability. | Unpatched |
| • FG-VD-19-036. ERPNext Cross-Site Scripting Vulnerability II. | Unpatched |
| • FG-VD-19-035. ERPNext Cross-Site Scripting Vulnerability. | Unpatched |
| • CVE-2019-9168. WordPress WooCommerce Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-19-002. Alibaba Xiami.com Cross-Site Scripting Vulnerability. (yzy9952) | Link |
| • CVE-2019-2527. Oracle VirtualBox Denial of Service Vulnerability. | Link |
| • FG-VD-18-160. Dell.com Subdomain Takeover Vulnerability | Patched |
| • FG-VD-18-159. Box.com Subdomain Takeover Vulnerability. | Patched |
| • PRODSECBUG-2168. Magento Commerce Cross-Site Scripting Vulnerability. | Link |
| • PRODSECBUG-2138. Magento Commerce Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-18-129. Microsoft Online Service Cookie Replay Vulnerability. | Won't fix. |
| • SECURITY-1080. Jenkins Config File Provider Plugin Cross-Site Scripting Vulnerability. | Link |
| • SECURITY-1075. Jenkins Metadata Plugin Cross-Site Scripting Vulnerability. | Link |
| • CVE-2018-13125. Easy Hosting Control Panel (EHCP) SQL Injection Vulnerability | Link |
| • CVE-2018-13124. Easy Hosting Control Panel (EHCP) XSS Vulnerability | Link |
| • FG-VD-18-026. Box.com DoS Vulnerability | Link |
| • FG-VD-18-004. pfSense XSS Vulnerability | Link |
| • CVE-2018-1000172. NextGEN Gallery XSS & DoS Vulnerability | Link |
| • APPSEC-1935. Magento XSS & DoS Vulnerability | Link |
| • CVE-2017-2018-11326. Joomla! Core XSS Vulnerability VI | Link |
| • CVE-2017-1000481. Plone Core XSS Vulnerability I | Link |
| • CVE-2017-1000482. Plone Core XSS Vulnerability II | Link |
| • CVE-2017-16822. Zimbra XSS Vulnerability | Link |
| • CVE-2017-7985. Joomla! Core XSS Vulnerability I | Link |
| • CVE-2017-7986. Joomla! Core XSS Vulnerability II | Link |
| • CVE-2017-7985. Joomla! Core XSS Vulnerability III | Link |
| • CVE-2017-7985. Joomla! Core XSS Vulnerability IV | Link |
| • CVE-2017-7985. Joomla! Core XSS Vulnerability V | Link |
| • CVE-2016-10112. WooCommerce XSS Vulnerability | Link |
| • CVE-2015-2181, CVE-2016-4069. Roundcube Webmail Cross-Site Request Forgery Vulnerability | Link |
| • CVE-2015-2522. Microsoft SharePoint XSS Spoofing Vulnerability | Link |
| • CVE-2015-2329. WordPress WooCommerce Plug-in XSS Vulnerability | Link |
| • CVE-2015-2324. WordPress Photo Gallery Plug-in XSS Vulnerability | Link |
| • CVE-2015-3619. Joomla Virue Mart Extension XSS Vulnerability | Link |
| • CVE-2015-7609. Zimbra Email Body XSS Vulnerability | Link |
| • CVE-2015-7609. Zimbra Warning Dialog XSS Vulnerability | Link |
| • CVE-2015-7610. Zimbra Cross-Site Request Forgery Vulnerability | Link |
| • FG-VD-16-003. Fitbit.com Cross-Site Request Forgery Vulnerability. | Coming |
| • FG-VD-16-018. WordPress Plugin Meta Slider Denial of Service Vulnerability. | Link |
| • FG-VD-16-027. WordPress All-in-One SEO Pack Plugin Cross-Site Scripting Vulnerability. | Link |
| • HackerOne. WordPress WooCommerce. (yzy9951) | Link |
| • FG-VD-15-057. Sina Weibo Spoofing Attack. (yzy9952) | Link |
| • FG-VD-15-056. Tencent qq.com XSS Vulnerability. (九棵树) | Link |
| • FG-VD-15-001. Disqus Brute Force Vulnerability. | Unpatched |
| • FG-VD-15-003. Schwab Cross-Site Request Forgery Vulnerability. | Unpatched |
| • FG-VD-15-075. Roundcube Webmail Brute Force Vulnerability | Link |
| • FG-VD-15-103 CVE-2015-9102. Synology Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-15-104 CVE-2015-9102. Synology Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-15-106 CVE-2015-9104. Synology Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-15-107 CVE-2015-9105. Synology Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-15-108 CVE-2015-9105. Synology Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-15-109 CVE-2015-9102. Synology Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-15-110 CVE-2015-9103. Synology Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-15-111 CVE-2015-9103. Synology Cross-Site Scripting Vulnerability. | Link |
| • FG-VD-15-112 CVE-2015-9102. Synology Cross-Site Request Forgery Vulnerability. | Link |
| • FG-VD-15-095. WordPress WooCommerce XSS Vulnerability. | Link |
| • FG-VD-15-096. WordPress WooCommerce Directory Listing Vulnerability. | Unpatched |
Zhouyuan Yang's Home Page 杨宙远的主页