Cybersecurity Researcher and Ethical Hacker
Specializing in Vulnerability Assessment
Cervantes version Alpha 0.5 and below were found to be vulnerable to Stored XSS at multiple places, in addition to being vulnerable to Insecure File Uploads that could be used for HTML Injection attacks. CVE-2024-42054CVE-2024-42055 Summary...
The OWASP Top 10 is a list of the most critical web application security risks as determined by the Open Web Application Security Project (OWASP). The list is updated every three to four years, with the latest version being the OWASP Top 10 –...
Setting up this website taught me a lot of things, things I otherwise did not have a chance of learning up until that point. As such, I am writing a brief article on the topic of how I set this website up in hopes of it being helpful to someone...
WordPress Search plugin, Ivory Search version 4.6 and below were found to be vulnerable to reflected XSS while I was testing the plugin. Version 4.6.1 with a fix was released on March 30, 2021. CVE-2021-24234 Summary Ivory Search is an advanced...
WordPress recipe plugin, Cooked Pro version 1.7.5.5 and below were found to be vulnerable to reflected XSS at multiple places while I was testing the plugin. Version 1.7.5.6 with a fix was released on March 30, 2021. CVE-2021-24233 Summary Cooked...
Online Invoicing System is an open source web application by BigProf Software that can be used for the simple invoicing needs of small businesses, consultants and freelancers. OIS 4.3 and below were found to be vulnerable to CSV Injection during my...
