Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity)

19,132.66

XP

949

Reports

3

Reports, last 90 days

#73

2 Jun, 2026

🇻🇳

Lvl 12

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Car Zone<= 3.7 Arbitrary File Deletion	25.8	8.6	28/10/2025
Wanium<= 1.9.8 Local File Inclusion	32.4	8.1	28/10/2025
Plumbing<= 1.6 PHP Object Injection	39.2	9.8	15/10/2025
SeaFood Company<= 1.4 PHP Object Injection	29.4	9.8	15/10/2025
Reisen<= 1.4.1 PHP Object Injection	29.4	9.8	15/10/2025
Hot Coffee<= 1.7 PHP Object Injection	29.4	9.8	15/10/2025
Qreatix<= 1.9.4 Cross Site Scripting (XSS)	7.1	7.1	15/10/2025
Genemy<= 1.6.6 Privilege Escalation	19.8	8.8	28/10/2025
Genemy<= 1.6.6 Broken Access Control	4.88	6.5	28/10/2025
CopyPress<= 1.4.5 Local File Inclusion	24.3	8.1	15/10/2025
Corbesier<= 1.15.0 Local File Inclusion	16.2	8.1	15/10/2025
Dazzle<= 1.0.0 Local File Inclusion	16.2	8.1	15/10/2025
Deliciosa<= 1.10.0 Local File Inclusion	16.2	8.1	15/10/2025
Snow Club<= 1.1 Local File Inclusion	16.2	8.1	15/10/2025
Especio<= 1.0 Local File Inclusion	16.2	8.1	15/10/2025
Food Drop<= 1.3 Local File Inclusion	16.2	8.1	15/10/2025
Fortius<= 2.3.0 Local File Inclusion	16.2	8.1	15/10/2025
Raider Spirit<= 1.1.2 Local File Inclusion	24.3	8.1	15/10/2025
AirSupply<= 2.0.0 Local File Inclusion	32.4	8.1	15/10/2025
Planty<= 1.14.0 Local File Inclusion	16.2	8.1	15/10/2025
Nexio<= 1.10.0 Local File Inclusion	16.2	8.1	15/10/2025
MaxiNet<= 1.2.10 Local File Inclusion	24.3	8.1	15/10/2025
LuxMed \| Medicine & Healthcare Doctor WordPress Theme<= 1.2.2 Local File Inclusion	16.2	8.1	15/10/2025
Iona<= 1.0.8 Local File Inclusion	16.2	8.1	15/10/2025
Ingenioso<= 1.14.0 Local File Inclusion	16.2	8.1	15/10/2025
Modernee<= 1.6.0 Local File Inclusion	16.2	8.1	15/10/2025
Imba<= 1.5.0 Local File Inclusion	16.2	8.1	15/10/2025
Rosaleen<= 2.8 Local File Inclusion	24.3	8.1	15/10/2025
Fermentio<= 1.5.0 Local File Inclusion	40.5	8.1	24/07/2025
AI Lab< 5.4.2 PHP Object Injection	29.4	9.8	02/03/2026
Kapee< 1.7.1 Cross Site Scripting (XSS)	14.2	7.1	02/03/2026
Hitek< 1.8.3 Local File Inclusion	24.3	8.1	10/02/2026
Solene Core<= 2.3.2 Local File Inclusion	32.4	8.1	02/02/2026
Solene<= 3.4 Local File Inclusion	32.4	8.1	02/02/2026
Mr. SEO<= 2.0 Local File Inclusion	24.3	8.1	02/02/2026
Malmö<= 2.2 Local File Inclusion	32.4	8.1	02/02/2026
Aperitif<= 1.5 Local File Inclusion	32.4	8.1	02/02/2026
Sanzo< 2.4.3 Cross Site Scripting (XSS)	3.25	6.5	15/01/2026
Meloo< 2.8.2 PHP Object Injection	13.2	8.8	15/01/2026
Jaroti< 1.4.8 Cross Site Scripting (XSS)	14.2	7.1	15/01/2026
Loobek< 1.5.2 Cross Site Scripting (XSS)	14.2	7.1	15/01/2026
Miti< 1.5.3 Cross Site Scripting (XSS)	7.1	7.1	15/01/2026
MyMedi< 1.7.7 Cross Site Scripting (XSS)	14.2	7.1	15/01/2026
Yobazar< 1.6.7 Cross Site Scripting (XSS)	14.2	7.1	15/01/2026
Reebox< 1.4.8 Cross Site Scripting (XSS)	10.65	7.1	15/01/2026
Nooni< 1.5.1 Cross Site Scripting (XSS)	14.2	7.1	15/01/2026
MyDecor< 1.5.9 Cross Site Scripting (XSS)	14.2	7.1	15/01/2026
Riode< 1.6.29 Cross Site Scripting (XSS)	14.2	7.1	29/01/2026
Pendulum< 3.1.5 PHP Object Injection	17.6	8.8	15/01/2026
Vex< 1.2.9 PHP Object Injection	8.8	8.8	15/01/2026
Molla< 1.5.19 Cross Site Scripting (XSS)	14.2	7.1	29/01/2026
Scape< 1.5.16 Arbitrary File Deletion	51.6	8.6	05/02/2026
The League<= 4.4.1 Broken Access Control	6.5	6.5	20/12/2025
Mixtape<= 2.1 Local File Inclusion	32.4	8.1	19/12/2025
Moments<= 2.2 Local File Inclusion	32.4	8.1	19/12/2025
Visionary Core<= 1.4.9 Cross Site Scripting (XSS)	14.2	7.1	14/12/2025
Jobica Core<= 1.4.1 Cross Site Scripting (XSS)	14.2	7.1	14/12/2025
The Aisle Core<= 2.0.5 Local File Inclusion	32.4	8.1	14/12/2025
Visionary Core<= 1.4.9 PHP Object Injection	17.6	8.8	14/12/2025
Jobica Core<= 1.4.1 PHP Object Injection	17.6	8.8	14/12/2025
Jobica Core<= 1.4.2 Broken Authentication	58.8	9.8	14/12/2025
Curly Core<= 2.1.6 Local File Inclusion	32.4	8.1	14/12/2025
Organici Library<= 2.1.2 SQL Injection	17	8.5	14/12/2025
Organici Library<= 2.1.2 PHP Object Injection	17.6	8.8	14/12/2025
Organici Library<= 2.1.2 Cross Site Scripting (XSS)	14.2	7.1	14/12/2025
CitiLights<= 3.7.1 PHP Object Injection	17.6	8.8	14/12/2025
CitiLights<= 3.7.1 Cross Site Scripting (XSS)	14.2	7.1	14/12/2025
Golo<= 1.7.0 Privilege Escalation	58.8	9.8	13/12/2025
Love Story<= 1.3.12 PHP Object Injection	29.4	9.8	10/12/2025
Work & Travel Company<= 1.2 PHP Object Injection	39.2	9.8	10/12/2025
Buisson<= 1.1.11 PHP Object Injection	39.2	9.8	10/12/2025
Belfort<= 1.0 Local File Inclusion	32.4	8.1	10/12/2025
LuxeDrive<= 1.0 Local File Inclusion	24.3	8.1	10/12/2025
MultiOffice<= 1.2 Local File Inclusion	32.4	8.1	10/12/2025
Amfissa<= 1.1 Local File Inclusion	32.4	8.1	10/12/2025
Deston<= 1.0 Local File Inclusion	32.4	8.1	10/12/2025
Emaurri<= 1.0.1 Local File Inclusion	32.4	8.1	10/12/2025
Rosebud<= 1.4 Local File Inclusion	24.3	8.1	10/12/2025
Melody<= 1.6.3 PHP Object Injection	32.4	8.1	08/12/2025
Beelove<= 1.2.6 PHP Object Injection	29.4	9.8	08/12/2025
Wizor's<= 2.12 Local File Inclusion	32.4	8.1	08/12/2025
VegaDays<= 1.2.0 Local File Inclusion	16.2	8.1	08/12/2025
Unica<= 1.4.1 Local File Inclusion	24.3	8.1	08/12/2025
Roisin<= 1.2.1 Local File Inclusion	24.3	8.1	08/12/2025
NeoBeat<= 1.2 Local File Inclusion	32.4	8.1	08/12/2025
Amoli<= 1.0 Local File Inclusion	16.2	8.1	08/12/2025
Morning Records<= 1.2 PHP Object Injection	16.2	8.1	08/12/2025
m2 \| Construction and Tools Store<= 1.1.2 PHP Object Injection	19.6	9.8	08/12/2025
Tripgo< 1.5.6 Local File Inclusion	24.3	8.1	08/12/2025
Triompher<= 1.1.0 Local File Inclusion	16.2	8.1	08/12/2025
Gioia<= 1.4 Local File Inclusion	32.4	8.1	08/12/2025
Dentalux<= 3.3 Local File Inclusion	32.4	8.1	08/12/2025
ProLingua<= 1.1.12 Local File Inclusion	24.3	8.1	08/12/2025
Nelson<= 1.2.0 Local File Inclusion	24.3	8.1	08/12/2025
Mr. Cobbler<= 1.1.9 Local File Inclusion	16.2	8.1	08/12/2025
Lella<= 1.2 Local File Inclusion	16.2	8.1	08/12/2025
Laurent<= 3.1 Local File Inclusion	32.4	8.1	08/12/2025
Hypnotherapy<= 1.2.10 Local File Inclusion	32.4	8.1	08/12/2025
Greenville<= 1.3.2 Local File Inclusion	16.2	8.1	08/12/2025
Good Homes<= 1.3.13 Local File Inclusion	16.2	8.1	08/12/2025

Report vulnerabilities to earn bounties and rewards!

Include pending