| Name | Summary | Date | Reference |
|---|---|---|---|
| CVE-2017-17101 | An unprotected CGI method inside the web application permits an unauthenticated user to bypass the login screen and access the webcam contents. | 2018-02-19 | CVE details Technical article |
| CVE-2018-17989 | A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 A1 1.01 and A1 Wind Infostrada 2.0 devices that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. | 2018-08-26 | CVE details Technical article |
| CVE-2018–17990 | An OS command injection vulnerability in Acl.asp allows a remote authenticated attacker to execute arbitrary OS commands via the ScrIPaddrEndTXT parameter. | 2018-08-26 | CVE details Technical article |
| C1 | In this paper we present IoT Security Checker, a solution for IoT security assessment coping with the most relevant IoT security issues. | 2018-12-31 | dblp Article |
| Hall of Fame | My name was listed inside the Telecom Italia (TIM) Hall of Fame after the responsible disclosure of a SQL injection vulnerability and an XSS | 2018-07-21 | TIM Hall of Fame |
| CVE-2020-9350 | Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly. | 2020-02-23 | CVE details Vendor Advisor |