• Home
  • About
    • About
    • Presentations/keynotes
    • Articles
    • Book chapters
    • Interviews
    • Zero-day advisories
    • Other activities
  • Books
  • Awards
  • Sponsorships
  • Contact

Zero-day advisories

 On this page, you can find more information about zero-days found and responsibly disclosed by Dr. Erlijn van Genuchten. A zero-day is a security hole in a computer system or application that is to that date unknown to its owners/developers/others who are able to fix it.

  • AUGUST 2022

    Security bug in Coda

    > Bug bounty confirmation

  • FEBRUARY 2017

    Improper Restriction of XML External Entity Reference (XXE) in agorum core Pro

    > Full publication

  • FEBRUARY 2017

    Cross-Site Request Forgery in agorum core Pro

    > Full publication

  • FEBRUARY 2017

    Cross-Site Scripting in agorum core Pro

    > Full publication

  • FEBRUARY 2017

    Insecure Direct Object Reference in agorum core Pro

  • FEBRUARY 2017

    Persistent Cross-Site Scripting in agorum core Pro

    > Full publication

  • OCTOBER 2015

    Insecure Direct Object Reference in Thru Managed File Transfer Portal

    > Full publication

  • OCTOBER 2015

    Improperly Implemented Security Check for Standard in Thru Managed File Transfer Portal

    > Full publication

  • OCTOBER 2015

    Insecure Direct Object Reference in Thru Managed File Transfer Portal

  • OCTOBER 2015

    Insecure Direct Object Reference in Thru Managed File Transfer Portal

    > Full publication

  • OCTOBER 2015

    Cross-Site Scripting in Thru Managed File Transfer Portal

    > Full publication

  • OCTOBER 2015

    SQL-Injection in Thru Managed File Transfer Portal

  • SEPTEMBER 2015

    URL Redirection to Untrusted Site in Novell Filr

    > Full publication

  • SEPTEMBER 2015

    > Full publication

  • JULY 2015

    Information Exposure Through Directory Listing in ownCloud

    > Full publication

    > Bug bounty report

  • JUNE 2015

    Missing Access Control in Page2Flip

    > Full publication

  • JUNE 2015

    Broken Authentication and Session Management in Page2Flip

    > Full publication

  • JUNE 2015

    Improper Handling of Insufficient Privileges in Page2Flip

    > Full publication

  • JUNE 2015

    Insecure Direct Object Reference in Page2Flip

    > Full publication

  • JUNE 2015

    Cross-Site Scripting in Page2Flip

    > Full publication

  • JUNE 2015

    Cross-Site Scripting in Page2Flip

    > Full publication

  • JUNE 2015

    Denial-of-Service in Page2Flip

    > Full publication

Home Privacy Terms and Conditions Imprint

Copyright © 2025 Sustainable Decisions All rights reserved.

{:lang_general_banner_cookie_disclaimer}
{:lang_general_banner_cookie_cookie} {:lang_general_banner_kartra_cookie}
{:lang_general_banner_cookie_privacy}
{:lang_general_powered_by} KARTRA