Over the time I have discovered and reported some security issues:
| Disclosure date | Program | Severity | URL |
|---|---|---|---|
| 2011/07/06 | PHP-Barcode | Remote code execution | Vendor [1] [2] |
| 2011/01/31 | Dokeos/Chamilo LMS | File disclosure | Chamilo [1] |
| 2011/01/29 | Dokeos/Chamilo LMS | File disclosure | Chamilo [1] |
| 2009/11/09 | Google Docs Viewer | XSS | Flaw explained |
| 2008/10/06 | Gforge | SQL Injection | Gforge |
| 2008/10/06 | Gforge | SQL Injection | Gforge |
| 2008/10/06 | Gforge | SQL Injection | Gforge |
| 2008/08/01 | RealVNC Viewer | Memory corruption | Exploit |
| 2008/01/20 | Claroline e-Learning | Multiple flaws (SQL Injection, Remote code execution, XSS) | Claroline |
| 2008/01/19 | SIVeL | XSS | SIVeL report |
| 2007/11/10 | Mozilla Firefox JAR: Redirect | SOP bypass | Mozilla advisory [1] [2] |
| 2007/07/02 | Microsoft Online Services | XSS | Microsoft's Acknowledgment [1][2] |
| 2006/08/02 | Kayako eSupport | Remote file include | exploit |
| 2006/05/08 | Dokeos LMS | Remote file include | exploit |
| 2006/05/08 | Claroline e-Learning | Remote file include | exploit |
| 2006/04/30 | Genius VideoCAM NB | Local privilege elevation | CVE-2006-1484 [1] [2] |
![[2]](/images/pwnt6qq.png){kind=link}