- Credential Theft by XSS on Informatica PowerCenter Admin Console || Hackerone (#448831)
- Multiple XSS on Phproject || Fix (github)
- BOA Web Server 0.94.14 – Access to arbitrary files as privileges (CVE-2017-9883) || Exploit (github)
- WordPress Plugin Membership Simplified v1.58 – Arbitrary File Download (CVE-2017-1002008) || Exploit (ExploitDB) , Exploit (github) , Exploit (CXSecurity) , Exploit (0day.today)
- WordPress Plugin mobile-friendly-app-builder-by-easytouch v3.0 (CVE-2017-1002000) || Exploit (github), Exploit (ExploitDB), Exploit (CXSecurity)
- WordPress Plugin mobile-app-builder-by-wappress v1.05 CVE-2017-1002001) || Exploit (github), Exploit (ExploitDB), Exploit (CXSecurity)
- WordPress Plugin webapp-builder v2.0 (CVE-2017-1002002) || Exploit (github), Exploit (ExploitDB), Exploit (CXSecurity)
- WordPress Plugin wp2android-turn-wp-site-into-android-app v1.1.4 (CVE-2017-1002003) || Exploit (github), Exploit (ExploitDB), Exploit (CXSecurity)
- Zen App Mobile Native <=3.0 (CVE-2017-6104) || Exploit (github), Exploit (ExploitDB), Exploit (CXSecurity)
- WordPress 4.7 User Enumeration (CVE 2017-5487) || Exploit (github), Exploit (CXSecurity)
- WordPress Aspose Cloud eBook Generator File Download Vulnerability || Exploit (github)
- WordPress WP User Frontend Plugin [Unrestricted File Upload] || Exploit (github)
- Apache Byte Range Server DoS (CVE-2011-3192) || Exploit (github) , ZAP Alert , ZAP Scan/Exploit
- LibLime Koha <= 4.2 – Local File Inclusion Vulnerability (CVE-2011-4715) || Exploit (github)