Yoon is actively conducting security research on open-source projects, focusing on identifying and reporting vulnerabilities to relevant vendors to ensure timely patches.
So far, Yoon has discovered a total of 20 CVEs, mainly in PHP open-source projects from SourceCodester. These vulnerabilities include Cross-Site Scripting (XSS), SQL Injection, and Unrestricted File Upload flaws.
When vendors don’t respond or are unwilling to fix these issues, Yoon takes the responsible step of publicly disclosing the vulnerabilities. This helps alert users to the potential risks associated with the affected products. By providing detailed proof-of-concept (POC) exploits, Yoon aims to help others understand and reproduce the vulnerabilities, ultimately raising security awareness and contributing to the overall improvement of the open-source community.
- 20 CVEs Disclosed
| CVEs | ||||
|---|---|---|---|---|
| CVE-2024-6066 | CVE-2024-6067 | CVE-2024-6213 | CVE-2024-6214 | CVE-2024-6215 |
| CVE-2024-6216 | CVE-2024-6217 | CVE-2024-6418 | CVE-2024-6419 | CVE-2024-7942 |
| CVE-2024-7948 | CVE-2024-8140 | CVE-2024-8141 | CVE-2024-8142 | CVE-2024-8151 |
| CVE-2024-8152 | CVE-2024-8153 | CVE-2024-8154 | CVE-2024-8170 | CVE-2024-8172 |