EzioPaglia Top Security Researcher of the Month Top VIP Security Researcher of the Month | Security Researcher Profile

Researcher reputation:  1090

Real name:
Ezio Paglia

About me:
My name is Ezio Paglia, I was born in 1959, I live in Grosseto (a town in the south of Tuscany - Italy). I was the sysadmin of the data centre of Grosseto municipality. Retired since July 2022. I have been dealing with security for some years.

Contact email:
mailto : [email protected]

Certifications & Diplomas:
Computer Science - University of Pisa ( Italy ) - Laurea in 1984 - Logica Matematica.

Experience in Application Security
over 5 years

Award / Bug Bounty I prefer:
Books or e-books on IT security, theory of numbers, theory of games, gifts or small donations.
Hall of Fame, Recommendations on OBB or LinkedIn.
Thanks.

Halls of Fame:
FastWeb, Altervista, At&t, Telecom Italia, Siemens, Chemnitz Univ, Bosch, Top 50 and Top 50 VIP on OpenBugBounty

Follow me on:
Twitter
LinkedIn

Ethics and Rules:
Ezio Paglia is required to abide by the ethics and rules of the Open Bug Bounty project. If you reasonably believe that rules are not respected, please report this to us.

Recommendations and Acknowledgements | Full List:

    2 April, 2024

     genoverband Dominick from Genoverband e.V.:

Thank you for your invaluable help in ensuring the security of our domain and its visitors!

    6 March, 2024

     Krok141 Krok141 from Tabor A Je To:

Thank you for reporting the issues, good work.

    10 October, 2023

     CERT_rlp CERT-rlp from CERT-rlp:

The team of CERT-rlp would like to thank EzioPaglia once again for a responsible and coordinated disclosure of XSS and SQLi vulnerabilities

    5 September, 2023

     dusalnet Almas from Dusal.net:

Thank you very much for reporting the vulnerability. Good luck with your everything!!!

    4 September, 2023

     GtBib Josep from directorioexit.info:

Your report was very helpful! Thank you very much !

    20 June, 2023

     MPDL Benjamin from Max Planck Digital Library:

Thank you for reporting a vulnerability on our website. We fixed it in the new version and shut down the test instance.

    23 May, 2023

     MinasPergantis Minas from Ionio:

Thank you for your help in ensuring the security of our domain and its visitors! Your contributions are invaluable.

    4 May, 2023

     Freedback_com Steve from Freedback.com:

Thanks, Ezio, for identifying the XSS vulnerability, and for our friendly email exchange!

    4 April, 2023

     fknipp Franz from qnipp:

Thanks for pointing out the issue.

    17 March, 2023

     travelfish Stuart from Travelfish:

Thanks for finding the issuing, passing on your find, and the quick reply. Cheers!

    15 March, 2023

     MrMoney84315336 Jens Weck from Mr-Money Software GmbH:

Thank you for reporting the issues, good work.

    23 February, 2023

     vovsoft Fatih from Vovsoft:

Great work. We fixed the issue.

    10 February, 2022

     CERT_rlp CERT-rlp from CERT-rlp:

The team of CERT-rlp would like to thank EzioPaglia again for a responsible and coordinated disclosure of several XSS vulnerabilities

    2 February, 2022

     EreMaijala Ere Maijala from The National Library of Finland:

Thank you for disclosing a vulnerability responsibly!

    23 November, 2021

     wdbacker wdbacker from Paradisio:

Thank you for reporting a vulnerability on our website. We fixed it and really appreciate your input!

    18 January, 2021

     CERT_rlp CERT-rlp from CERT-rlp:

The team of CERT-rlp would like to thank EzioPaglia for a responsible and coordinated disclosure of vulnerabilities

    5 January, 2021

     QuetteRene Security Team from Xsalto:

Merci de votre implication dans la sécurisation du site. Votre intervention a été très utile et appréciée.

    7 December, 2020

     shunn Bill from Sinister Regard Publishers:

Thanks for finding the XSS vulnerability. We have patched it swiftly, thanks to your vigilance.

    24 November, 2020

     w3c_systeam Systems Team from W3C:

Thank you for your report. We fixed the issue.

    6 October, 2020

     jshrc Josh Rice from UNL-CCFL:

Thanks for reporting this issue, and for being so responsive!

    4 September, 2020

     rundumsbaby rundumsbaby from rundumsbaby:

Thank you very much for the report. Very helpful.

    27 August, 2020

     cyberday_gmbh CYBERDAY from CYBERDAY:

thx for reporting xss issue

    3 August, 2019

     NewLineHorizon1 Melisa from NewLineHorizon:

Dear, Thanks for participating in responsible disclosure program. The reports you submitted were extremely helpful to our team and provided us the details we needed to resolve the issues that you identified. We are deeply committed to provide a safe and secure experience to our users and are therefore grateful for your efforts to help us improve our services. Best Regards!

    13 June, 2019

     aboros Boris from Officeshoes:

Good find! Thank you

    28 May, 2019

     wirismath Marketing & Communications from WIRIS MATH:

We want to thank EzioPaglia for detecting a security issue in one of our websites. He provided us details and gave us online support. We fixed the vulnerability with his valuable help ;)

    28 May, 2019

     ziduniwien Computer Center from University of Vienna:

Dear EzioPaglia, The University of Vienna would like to thank you for your valuable contribution in finding multiple website security issues. Your input is highly welcome and helps to raise the security level of our educational institution. Servus and greetings from Vienna, Austria.

    27 May, 2019

     enejcz Arkadiusz from Sterta.pl:

EzioPaglia found xss vulnerability on our website. We have fixed the issue. Thank you for your report!

    23 May, 2019

     Admeus Dani from Soa:

EzioPaglia discovered a XSS breach in our site, thanks to him was resolved.

    20 May, 2019

     LancasterUniSOC John from LU:

Thank you very much for reporting the issue, it is greatly appreciated.

    8 May, 2019

     CMCM_Webdesign Christopher from CMCM:

Thanks a lot for reporting the XSS vulnerability and providing an example, so I could easily see the problem and fix it. Very much appreciated!

    4 May, 2019

     vinceverbruggen Vincent from Undisclosed:

Thank you for notifying us about the XSS vulnerability you found on one of our websites and the quick response in order for us to resolve the issue.

    2 May, 2019

     CoolgearLabs Caleb from USBGear:

Thanks for the report and quick responses.

    21 April, 2019

     AniDBStatus AniDB from AniDB:

Thank you for reporting this bug. We appreciate your work!

    15 April, 2019

     watergateweb Alexios Tsiaparas from Watergate:

Another XSS vulnerability found, thanks a lot!

    27 March, 2019

     evergreen_uk Andrew from Evergreen:

Thanks Ezio, it's been a pleasure to deal with you.

    27 March, 2019

     giroud_francois Giroud from WebLettres:

Thanks a lot for reporting, and helping ! Ezio is professional, he answers fast and seems to be a true gentleman ;)

    25 March, 2019

     diogenesverlag Susanne from Diogenes Verlag:

Thank you very much for reporting, you helped us a lot - fixed.

    19 March, 2019

     rogerdc01 Roger from WEBenz:

Ezio has helped me with a vulnerability. Answered very fast after some questions and showed the way to examine the issue. Very professional!

    4 March, 2019

     _light_dem Matteo from Mys.it:

Professional, responds quickly, has helped us on more than one occasion

    23 February, 2019

     despegar_appsec Eliel from Despegar.com:

Ezio is extremely professional. The information provided was precise and we had no problem to fix the vulnerability reported. Thanks for helping us making our website more secure.

    20 February, 2019

     michael_eckel Michael Eckel from Michael Eckel IT:

Thank you very much for helping me discover and fix several XSS vulnerabilities.

    18 February, 2019

     cyberday_gmbh DLO from CYBERDAY GmbH:

thanks for reporting again

    11 February, 2019

     fisher_of_men11 Andy from Mudconnect.com:

Thank you again, another XSS vulnerability found and fixed!

    11 February, 2019

     dsmithgard Dan Smith from Patton Electronics:

Responsive and very helpful in getting my issue patched.

    9 February, 2019

     fisher_of_men11 Andy from Mudconnect.com:

Thank you for helping us discover an XSS vulnerability on mudconnect!

    8 February, 2019

     cyberday_gmbh DLO from CYBERDAY GmbH:

thanks for reporting

    4 February, 2019

     wimo_de Ekki Plicht from WiMo Antennen und Elektronik GmbH:

Thanks for pointing out yet another vulnerability :) Fixed.

    26 January, 2019

     ClementBourgoin Clément Bourgoin from Biblys:

Thanks for warning be about another XSS vulnerability.

    18 January, 2019

     laufpix laufpix from laufpix:

Thanks for helping us making our website more secure.

    14 January, 2019

     MatthiasCramer Crami from FreeStone:

Competent and fast communication, thanks for notifining me about my XSS problem.

    12 January, 2019

     ClementBourgoin Clément from Biblys:

Thanks for warning me about a XSS vulnerability.

    30 December, 2018

     WritingCom Owner from Writing.Com:

Thank you! OBB-715982 is patched. Have a happy new year!

Honor Badges

Number of Secured Websites

10+ Websites	50+ Websites	500+ Websites	WEB SECURITY VETERAN 1000+ Websites

Advanced Security Research

WAF Bypasser	CSRF Master 30+ Reports	AppSec Logic Master 30+ Reports	Fastest Fix Fix in 24 hours

Outstanding Achievements

Secured OBB	OBB Advocate	Improved OBB

Commitment to Remediate and Patch

Patch Master 55% Patched	Patch Guru 65% Patched	Patch Lord 75% Patched

Recommendations and Recognition

REPUTABLE 10+ Recommends	FAMOUS 25+ Recommends	GLOBALLY TRUSTED 50+ Recommends

Distinguished Blog Author

1 Post	3 Posts	5+ Posts

Research Statistics

Total reports:	11110
Total reports on VIP sites:	817
Total patched vulnerabilities:	5602
Total vulnerabilities on Hold (Open Bug Bounty):	751
Recommendations received:	52
Active since:	26.12.2018
Top Security Researcher Awards:	Top Security Researcher of the Month
Top VIP Security Researcher Awards:	Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Month Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week Top VIP Security Researcher of the Week

Open Bug Bounty Certificate

Reported Vulnerabilities

All Submissions VIP Submissions