Here is a my selection of CVEs published:

2024

• [CVE-2024-48463]: Bruno IDE - Code Execution
• [CVE-2024-33329]: LumisXP - Unauthenticated XSS
• [CVE-2024-33328]: LumisXP - Unauthenticated XSS
• [CVE-2024-33327]: LumisXP - Unauthenticated XSS
• [CVE-2024-33326]: LumisXP - Information Disclosure + IDOR

2023

• [CVE-2023-26877]: SeSuite - Code Execution
• [CVE-2023-26876]: Piwigo - SQL Injection

2022

• [CVE-2022-2863]: WordPress WPvivid Backup - Path Traversal

2021

• [CVE-2021-46426]: phpIPAM - CSRF + XSS
• [CVE-2021-30140]: LiquidFiles 3.4.15 - Stored XSS

2020

• [CVE-2020-35581]: Envira Gallery Lite 1.8.3.3 - Stored XSS
• [CVE-2020-25790]: Typesetter CMS - Code Execution

2019

• [CVE-2019-20803]: Gila CMS 1.11.6 - Reflected XSS
• [CVE-2019-20804]: Gila CMS 1.11.6 - CSRF
• [CVE-2019-13363]: Piwigo (Version 2.9.5) - CSRF
• [CVE-2019-13364]: Piwigo (Version 2.9.5) - XSS