
cve-2023-22515's Introduction

Valentin Lobstein: Ethical Hacker & Cybersecurity Enthusiast

Hi there! I'm Valentin Lobstein, a pentester and cybersecurity student at Oteria Cyber School. I'm passionate about ethical hacking, vulnerability research, and software development. I love sharing my knowledge and contributing to the cybersecurity community through my GitHub repositories.


Skills & Languages

  • Primary Language: Python
  • Secondary Languages: Lua, PHP, Ruby, C
  • Hacking Tools: Metasploit, Burp Suite, Wireshark, Nmap, Exploits
  • Operating Systems: Windows, Mint, Kali, Manjaro
  • Version Control: Git, GitHub

Repositories

In this GitHub account, you'll find a variety of cybersecurity projects. Feel free to explore and learn!

Tools

Below is a list of tools I've developed, which are designed to assist in various cybersecurity tasks:

| Tool Name | Description | Link |
|---|---|---|
| LFIHunt | Advanced Tool To Scan And Exploit Local File Inclusion (LFI) Vulnerabilities. | GitHub |
| LeakPy | Python-based tool to query LeakIX.net's API. | GitHub |

Hall Of Fame

Below is a list of Hall of Fame acknowledgments where my contributions to cybersecurity have been recognized:

| Company | Hall of Fame | Year |
|---|---|---|
| Ferrari | Ferrari Hall of Fame | 2023 |
| Siemens | Siemens Hall of Thanks | 2024 |
| Philips | Philips Hall of Honors | 2024 |

CVE Contributions

I have contributed to identifying and documenting several CVEs. Here's a list of CVEs I've worked on:

| CVE ID | Description | Link |
|---|---|---|
| CVE-2023-50917 | Remote Code Execution in MajorDoMo. | GitHub |
| CVE-2024-22899 to CVE-2024-22903, CVE-2024-25228 | Exploit chain in Vinchin Backup & Recovery. | GitHub |
| CVE-2024-30920 to CVE-2024-30929, CVE-2024-31818 | Research and exploitation in DerbyNet. | GitHub |
| CVE-2024-31819 | Unauthenticated RCE in WWBN AVideo via systemRootPath. | GitHub |
| CVE-2024-3032 | Themify Builder < 7.5.8 - Open Redirect | WPScan |

Additionally, I serve as a moderator and hunter at LeakIX, contributing to the discovery and responsible disclosure of vulnerabilities.

Exploit Development & PoC Contributions

In addition to CVE contributions, I've been actively involved in exploit development and proof-of-concept (PoC) creation for various vulnerabilities. These efforts are aimed at demonstrating potential security risks and providing the cybersecurity community with tools for testing and mitigation.

| Vulnerability | Description | Link |
|---|---|---|
| WordPress Backup & Migration 1.3.7 RCE | Reproduced the exploit. | Packet Storm |
| Vinchin Backup And Recovery Command Injection (CVE-2023-45498, CVE-2023-45499) | Created a Metasploit module. | Packet Storm |
| MajorDoMo Command Injection (CVE-2023-50917) | Developed a Metasploit module. | Packet Storm |
| Splunk XSLT Upload RCE (CVE-2023-46214) | Authored a Metasploit module. | Packet Storm |
| WordPress Royal Elementor Addons And Templates Remote Shell Upload (CVE-2023-5360) | Created a Metasploit module. | Packet Storm |
| Extensive VC Addons for WPBakery Page Builder < 1.9.1 Unauthenticated RCE | Reported LFI to RCE escalation. | WPScan |
| Bricks Builder Theme 1.9.6 Remote Code Execution (CVE-2024-25600) PoC Reproduction | Reproduced PoC based on snicco's research and developed a Metasploit module. | GitHub, Packet Storm |
| Unauthenticated RCE in WWBN AVideo (CVE-2024-31819) | Developed a Metasploit module. | Packet Storm |

Caution

Disclaimer: Please use the information and exploits provided in my repositories for educational purposes and responsible disclosure only. I am not responsible for any misuse or damage caused by using these tools, scripts, or exploits.





cve-2023-22515's People

Contributors

chocapikk
