Security Researcher & Exploit Developer
Blog · Twitter · LinkedIn · Ko-fi
- CVE-2025-2611 - ICTBroadcast unauth RCE via cookie injection - Added to VulnCheck KEV (writeup · KEV)
- CVE-2025-34147 to 34152 - 6 unauth command injections in Aitemi M300 WiFi Repeater - Referenced by CERT-FR (writeup · CERT-FR)
- CVE-2026-28515 to 28517 - 3 chained vulns in openDCIM: missing auth + SQLi + command injection = unauth RCE (writeup)
- CVE-2026-27174 to 27181 - 8 vulns in MajorDoMo: 3 critical RCE, SQLi, 3 XSS (writeup)
- CVE-2024-22899 to 22903 - Exploit chain in Vinchin Backup & Recovery (exploit)
All CVEs
| CVE | Description | Links |
|---|---|---|
| CVE-2026-28515 to CVE-2026-28517 | 3 chained vulns in openDCIM: unauth RCE on Docker | Blog · Exploit |
| CVE-2026-27743 to CVE-2026-27747 | 5 vulns in SPIP plugins: 2 SQLi, 2 RCE, 1 XSS | Blog |
| CVE-2026-27174 to CVE-2026-27181 | 8 vulns in MajorDoMo: 3 RCE, SQLi, 3 XSS | Blog |
| CVE-2026-26220 | Unauth RCE via Pickle in LightLLM | Blog |
| CVE-2026-26215 | Unauth RCE via Pickle in manga-image-translator | Blog · VulnCheck |
| CVE-2025-34433, CVE-2025-34441, CVE-2025-34442 | Unauth RCE chain in AVideo | Blog · VulnCheck |
| CVE-2025-34452 | Path Traversal + SSRF in Streama | Blog · VulnCheck |
| CVE-2025-34147 to CVE-2025-34152 | 6 unauth command injections in Aitemi M300 - CERT-FR | Part 1 · Part 2 · CERT-FR |
| CVE-2025-30007 & CVE-2025-30008 | Unauth XSS in Vembu BDRSuite | Blog |
| CVE-2025-2611 | ICTBroadcast unauth RCE - VulnCheck KEV | GitHub · VulnCheck KEV |
| CVE-2025-2609 & CVE-2025-2610 | Stored XSS in MagnusBilling | Blog · VulnCheck |
| CVE-2025-2292, CVE-2025-30004 to CVE-2025-30006 | Auth vulns in Xorcom CompletePBX | VulnCheck |
| CVE-2024-31819 | Unauth RCE in AVideo | GitHub |
| CVE-2024-35373 & CVE-2024-35374 | 2 unauth RCE in Mocodo | Blog |
| CVE-2024-30920 to CVE-2024-30929, CVE-2024-31818 | Research in DerbyNet | GitHub |
| CVE-2024-22899 to CVE-2024-22903, CVE-2024-25228 | Exploit chain in Vinchin Backup & Recovery | GitHub |
| CVE-2024-3032 | Themify Builder Open Redirect | WPScan |
| CVE-2023-50917 | RCE in MajorDoMo | GitHub |
- pik - Exploit framework & SDK for Go
- wpprobe - Fast WordPress plugin enumeration (800+ stars, in Kali Linux)
- LFIHunt - Scan & exploit Local File Inclusion
- msf-exploit-collection - All my Metasploit modules in one place