Skip to content
View JavierOlmedo's full-sized avatar
๐Ÿ•ต๏ธโ€โ™€๏ธ
Researching!!
๐Ÿ•ต๏ธโ€โ™€๏ธ
Researching!!
232 followers · 323 following

Achievements

Achievement: Starstruckx3Achievement: Pull SharkAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Starstruckx3Achievement: Pull SharkAchievement: Arctic Code Vault Contributor
Block or Report

Block or report JavierOlmedo

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
JavierOlmedo/README.md

Javier Olmedo

Author of Hackpuntes Blog | Cybersecurity enthusiast and CTF Player | ๐ŸŒ Toledo, Spain

Hack The Box Profile

Github Pages - Javier Olmedo

OSCP Certification OSWE Certification OSWE Certification Offshore Pro Lab

Skills

๐Ÿž Penetration Testing ๐Ÿ› ๏ธ Hacking Tools ๐Ÿ‘จ๐Ÿปโ€๐Ÿ’ป Programming Language ๐ŸŒ Web Development
โœ… Web Application โœ… Burp Suite โœ… Python โœ… HTML, CSS and Javascript
โœ… Reversing APK โœ… Nmap โœ… Golang โœ… PHP
โœ… Linux/Windows โœ… Nessus โœ… C# and Powershell โœ… Vue.js

My CVEs

CVE Name CVSS3 CVSS2 ExploitDB
CVE-2018-13832 All In One Favicon <= 4.6 - Multiple Stored Authenticated XSS 4.8 MEDIUM ๐ŸŸ  3.5 LOW ๐ŸŸข โ€‹โœ…โ€‹
CVE-2018-14430 Multi Step Form <= 1.2.5 - Multiple Unauthenticated Reflected XSS 6.1 MEDIUM ๐ŸŸ  4.3 MEDIUM ๐ŸŸ  โ€‹โŒ
CVE-2018-15571 Export Users to CSV <= 1.1.1 CSV Injection 8.6 HIGH ๐Ÿ”ด 6.8 MEDIUM ๐ŸŸ  โœ…
CVE-2018-15873 Sentrifugo HRMS 3.2 - Blind SQL Injectionโ€‹ 9.8 CRITICAL ๐ŸŸฃ 7.5 HIGH ๐Ÿ”ด โ€‹โœ…
CVE-2018-15917 Jorani Leave Management System 0.6.5 - Cross-Site Scripting Persistenteโ€‹ 5.4 MEDIUM ๐ŸŸ  3.5 LOW ๐ŸŸข โœ…โ€‹
CVE-2018-15918 Jorani Leave Management System 0.6.5 - SQL Injectionโ€‹ 5.4 MEDIUM ๐ŸŸ  5.5 MEDIUM ๐ŸŸ  โœ…
CVE-2018-18478 Libre Network Monitoring System 1.43 - Stored Cross-Site Scriptingโ€‹ 6.1 MEDIUM ๐ŸŸ  4.3 MEDIUM ๐ŸŸ  โ€‹โŒโ€‹
CVE-2018-18921 PHP Server Monitor 3.3.1 - Cross-Site Request Forgery 6.5 MEDIUM ๐ŸŸ  5.8 MEDIUM ๐ŸŸ  โœ…
CVE-2018-18922 Ticketly 1.0 - Privilege Escalationโ€‹ 9.8 CRITICAL ๐ŸŸฃ 5.0 MEDIUM ๐ŸŸ  โ€‹โœ…
CVE-2018-18923 Ticketly 1.0 - Multiple SQL Injectionโ€‹ 9.8 CRITICAL ๐ŸŸฃ 7.5 HIGH ๐Ÿ”ด โœ…
CVE-2018-19828 Integria IMS 5.0.83 - Cross-Site Scriptingโ€‹ 6.1 MEDIUM ๐ŸŸ  4.3 MEDIUM ๐ŸŸ  โœ…โ€‹
CVE-2018-19829 Integria IMS 5.0.83 โ€“ Cross-Site Request Forgeryโ€‹ 6.5 MEDIUM ๐ŸŸ  5.8 MEDIUM ๐ŸŸ  โœ…
CVE-2019-7400 Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scriptingโ€‹ 6.1 MEDIUM ๐ŸŸ  4.3 MEDIUM ๐ŸŸ  โ€‹โœ…โ€‹
CVE-2019-15092 WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection 7.3 HIGH ๐Ÿ”ด 6.0 MEDIUM ๐ŸŸ  โœ…
CVE-2019-19031 Easy XML Editor <= 1.7.8 - XML External Entity Injectionโ€‹ 8.1 HIGH ๐Ÿ”ด 5.5 MEDIUM ๐ŸŸ  โ€‹โœ…โ€‹
CVE-2019-19032 XMLBlueprint <= 16.191112 - XML External Entity Injection 8.1 HIGH ๐Ÿ”ด 5.5 MEDIUM ๐ŸŸ  โœ…
CVE-2020-9038 Joplin through 1.0.184 allows Arbitrary File Read via XSS 5.4 MEDIUM ๐ŸŸ  3.5 LOW ๐ŸŸข โŒโ€‹
CVE-2021-43091 SQL Injection inย yeswiki/yeswiki 7.5 HIGH ๐Ÿ”ด 5.0 MEDIUM ๐ŸŸ  โŒโ€‹

Contact me

ย ย ย  ย ย ย  ย ย ย  ย ย ย  ย ย ย  ย ย ย  ย ย ย  ย ย ย  ย ย ย 

Made with โค๏ธ in Spain

Pinned Loading

  1. projectdiscovery/public-bugbounty-programs projectdiscovery/public-bugbounty-programs Public

    Community curated list of public bug bounty and responsible disclosure programs.

    Go 1k 352

  2. shodan-filters shodan-filters Public

    A list of shodan filters

    537 116

  3. OWASP-Calculator OWASP-Calculator Public

    ๐Ÿงฎ An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment

    HTML 141 64

  4. UltimateCMSWordlists UltimateCMSWordlists Public

    ๐Ÿ“š An ultimate collection wordlists of the best-known CMS

    81 26

  5. ipdiscover ipdiscover Public

    ๐Ÿ” A simple tool to obtain long lists of ips from domains using goroutines

    Go 22 5

  6. tmb5cg/Fifa-Autobidder tmb5cg/Fifa-Autobidder Public

    Selenium-based bot that autobids and autobuys players on FIFA 23 Ultimate Team's transfer market

    Python 143 46