Tran Nguyen Bao Khanh (VCI - VNPT Cyber Immunity)

18,796.81

XP

934

Reports

148

Reports, last 90 days

#25

19 Mar, 2026

🇻🇳

Lvl 11

Website

GitHub

Exploited

Affected software \| Vulnerability	AXP	Severity	Reported
Visionary Core<= 1.4.9 Cross Site Scripting (XSS)	14.2	7.1	Dec 14, 2025
Jobica Core<= 1.4.1 Cross Site Scripting (XSS)	14.2	7.1	Dec 14, 2025
The Aisle Core<= 2.0.5 Local File Inclusion	32.4	8.1	Dec 14, 2025
Visionary Core<= 1.4.9 PHP Object Injection	17.6	8.8	Dec 14, 2025
Jobica Core<= 1.4.1 PHP Object Injection	17.6	8.8	Dec 14, 2025
Jobica Core<= 1.4.2 Broken Authentication	58.8	9.8	Dec 14, 2025
Curly Core<= 2.1.6 Local File Inclusion	32.4	8.1	Dec 14, 2025
Organici Library<= 2.1.2 SQL Injection	17	8.5	Dec 14, 2025
Organici Library<= 2.1.2 PHP Object Injection	17.6	8.8	Dec 14, 2025
Organici Library<= 2.1.2 Cross Site Scripting (XSS)	14.2	7.1	Dec 14, 2025
CitiLights<= 3.7.1 PHP Object Injection	17.6	8.8	Dec 14, 2025
CitiLights<= 3.7.1 Cross Site Scripting (XSS)	14.2	7.1	Dec 14, 2025
Golo<= 1.7.0 Privilege Escalation	58.8	9.8	Dec 13, 2025
Love Story<= 1.3.12 PHP Object Injection	29.4	9.8	Dec 10, 2025
Work & Travel Company<= 1.2 PHP Object Injection	39.2	9.8	Dec 10, 2025
Buisson<= 1.1.11 PHP Object Injection	39.2	9.8	Dec 10, 2025
Belfort<= 1.0 Local File Inclusion	32.4	8.1	Dec 10, 2025
LuxeDrive<= 1.0 Local File Inclusion	24.3	8.1	Dec 10, 2025
MultiOffice<= 1.2 Local File Inclusion	32.4	8.1	Dec 10, 2025
Amfissa<= 1.1 Local File Inclusion	32.4	8.1	Dec 10, 2025
Deston<= 1.0 Local File Inclusion	32.4	8.1	Dec 10, 2025
Emaurri<= 1.0.1 Local File Inclusion	32.4	8.1	Dec 10, 2025
Rosebud<= 1.4 Local File Inclusion	24.3	8.1	Dec 10, 2025
Melody<= 1.6.3 PHP Object Injection	32.4	8.1	Dec 8, 2025
Beelove<= 1.2.6 PHP Object Injection	29.4	9.8	Dec 8, 2025
Wizor's<= 2.12 Local File Inclusion	32.4	8.1	Dec 8, 2025
VegaDays<= 1.2.0 Local File Inclusion	16.2	8.1	Dec 8, 2025
Unica<= 1.4.1 Local File Inclusion	24.3	8.1	Dec 8, 2025
Roisin<= 1.2.1 Local File Inclusion	24.3	8.1	Dec 8, 2025
NeoBeat<= 1.2 Local File Inclusion	32.4	8.1	Dec 8, 2025
Amoli<= 1.0 Local File Inclusion	16.2	8.1	Dec 8, 2025
Morning Records<= 1.2 PHP Object Injection	16.2	8.1	Dec 8, 2025
m2 \| Construction and Tools Store<= 1.1.2 PHP Object Injection	19.6	9.8	Dec 8, 2025
Tripgo<= 1.5.3 Local File Inclusion	24.3	8.1	Dec 8, 2025
Triompher<= 1.1.0 Local File Inclusion	16.2	8.1	Dec 8, 2025
Gioia<= 1.4 Local File Inclusion	32.4	8.1	Dec 8, 2025
Dentalux<= 3.3 Local File Inclusion	32.4	8.1	Dec 8, 2025
ProLingua<= 1.1.12 Local File Inclusion	24.3	8.1	Dec 8, 2025
Nelson<= 1.2.0 Local File Inclusion	24.3	8.1	Dec 8, 2025
Mr. Cobbler<= 1.1.9 Local File Inclusion	16.2	8.1	Dec 8, 2025
Lella<= 1.2 Local File Inclusion	16.2	8.1	Dec 8, 2025
Laurent<= 3.1 Local File Inclusion	32.4	8.1	Dec 8, 2025
Hypnotherapy<= 1.2.10 Local File Inclusion	32.4	8.1	Dec 8, 2025
Greenville<= 1.3.2 Local File Inclusion	16.2	8.1	Dec 8, 2025
Good Homes<= 1.3.13 Local File Inclusion	16.2	8.1	Dec 8, 2025
Gaspard<= 1.3 Local File Inclusion	16.2	8.1	Dec 8, 2025
Mounthood<= 1.3.2 PHP Object Injection	19.6	9.8	Dec 8, 2025
Jardi<= 1.7.2 PHP Object Injection	29.4	9.8	Dec 8, 2025
Estate<= 1.3.4 PHP Object Injection	29.4	9.8	Dec 7, 2025
Equestrian Centre<= 1.5 PHP Object Injection	29.4	9.8	Dec 7, 2025
Dental Clinic<= 3.7 PHP Object Injection	17.6	8.8	Dec 7, 2025
ColorFolio - Freelance Designer WordPress Theme<= 1.3 Deserialization of untrusted data	8.1	8.1	Dec 7, 2025
Etchy<= 1.0 Local File Inclusion	16.2	8.1	Dec 7, 2025
FindAll<= 1.4 Local File Inclusion	16.2	8.1	Dec 7, 2025
Felizia<= 1.3.4 Local File Inclusion	16.2	8.1	Dec 7, 2025
CasaMia \| Property Rental Real Estate WordPress Theme<= 1.1.2 Local File Inclusion	32.4	8.1	Dec 7, 2025
Au Pair Agency - Babysitting & Nanny Theme<= 1.2.2 Deserialization of untrusted data	16.2	8.1	Dec 7, 2025
AC Services \| HVAC, Air Conditioning & Heating Company WordPress Theme<= 1.2.5 Local File Inclusion	32.4	8.1	Dec 7, 2025
Agrofood< 1.4.0 Cross Site Scripting (XSS)	10.65	7.1	Dec 4, 2025
Thebe<= 1.3.0 Cross Site Scripting (XSS)	7.1	7.1	Dec 4, 2025
Solaris<= 2.5 PHP Object Injection	19.6	9.8	Dec 4, 2025
Pets Club<= 2.3 PHP Object Injection	29.4	9.8	Dec 4, 2025
Handyman<= 1.4.7 PHP Object Injection	29.4	9.8	Dec 4, 2025
Cookiteer<= 1.4.8 Local File Inclusion	8.1	8.1	Dec 4, 2025
Classter<= 2.5 PHP Object Injection	19.6	9.8	Dec 4, 2025
Wanderland<= 1.5 Local File Inclusion	32.4	8.1	Dec 4, 2025
Askka<= 1.0 Local File Inclusion	32.4	8.1	Dec 4, 2025
Remons<= 1.3.4 Local File Inclusion	16.2	8.1	Dec 4, 2025
Hoverex<= 1.5.10 Local File Inclusion	32.4	8.1	Dec 4, 2025
Don Peppe<= 1.3 Local File Inclusion	24.3	8.1	Dec 4, 2025
Berger<= 1.1.1 Local File Inclusion	24.3	8.1	Dec 4, 2025
Prowess<= 1.8.1 Local File Inclusion	32.4	8.1	Dec 4, 2025
Thecs<= 1.4.7 Cross Site Scripting (XSS)	10.65	7.1	Dec 3, 2025
TheBi<= 1.0.5 Cross Site Scripting (XSS)	7.1	7.1	Dec 3, 2025
Nutrie< 2.0.1 Arbitrary File Upload	14.85	9.9	Dec 3, 2025
Lendiz< 2.0.1 Arbitrary File Upload	14.85	9.9	Dec 3, 2025
Keenarch< 2.0.1 Arbitrary File Upload	14.85	9.9	Dec 3, 2025
Grand Wedding<= 3.1.0 PHP Object Injection	19.6	9.8	Dec 3, 2025
Charety< 2.0.2 Arbitrary File Upload	29.7	9.9	Dec 3, 2025
Car Zone<= 3.7 Deserialization of untrusted data	17.6	8.8	Dec 3, 2025
Ratatouille<= 1.2.6 Server Side Request Forgery (SSRF)	6.4	6.4	Sep 29, 2025
Global Logistics<= 3.20 Local File Inclusion	37.26	8.1	Sep 30, 2025
Manoir<= 1.11 Local File Inclusion	37.26	8.1	Sep 30, 2025
Chroma<= 1.11 Local File Inclusion	37.26	8.1	Sep 30, 2025
Craftis<= 1.2.8 Local File Inclusion	37.26	8.1	Sep 30, 2025
Foodie<= 1.14 Local File Inclusion	37.26	8.1	Sep 30, 2025
Nuts<= 1.10 Local File Inclusion	37.26	8.1	Sep 30, 2025
Helion<= 1.1.12 Local File Inclusion	37.26	8.1	Sep 30, 2025
Stargaze<= 1.5 Local File Inclusion	37.26	8.1	Sep 30, 2025
Motorix<= 1.6 Local File Inclusion	37.26	8.1	Sep 30, 2025
Kayon<= 1.3 Local File Inclusion	37.26	8.1	Sep 30, 2025
MoneyFlow<= 1.0 Local File Inclusion	37.26	8.1	Sep 30, 2025
EmojiNation<= 1.0.12 Local File Inclusion	37.26	8.1	Sep 30, 2025
Bonbon<= 1.6 Local File Inclusion	37.26	8.1	Sep 30, 2025
Invetex<= 2.18 Local File Inclusion	37.26	8.1	Sep 30, 2025
Tuning<= 1.3 Local File Inclusion	37.26	8.1	Sep 30, 2025
Edifice<= 1.8 Local File Inclusion	37.26	8.1	Sep 30, 2025
Progress<= 1.2 Local File Inclusion	37.26	8.1	Sep 30, 2025
Printy<= 1.8 Local File Inclusion	37.26	8.1	Sep 30, 2025
Grit<= 1.0.1 Local File Inclusion	37.26	8.1	Sep 23, 2025

Report vulnerabilities to earn bounties and rewards!

Include pending