Skip to content
View JavierOlmedo's full-sized avatar
🕵️‍♀️
Researching!!
🕵️‍♀️
Researching!!
249 followers · 324 following

Achievements

Achievement: Starstruckx3Achievement: Pull SharkAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Starstruckx3Achievement: Pull SharkAchievement: Arctic Code Vault Contributor

Block or report JavierOlmedo

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
JavierOlmedo/README.md

Javier Olmedo

Author of Hackpuntes Blog | Cybersecurity enthusiast and CTF Player | 🌏 Toledo, Spain

Hack The Box Profile

Github Pages - Javier Olmedo

OSCP Certification OSWE Certification OSWE Certification Offshore Pro Lab

Skills

🐞 Penetration Testing 🛠️ Hacking Tools 👨🏻‍💻 Programming Language 🌐 Web Development
✅ Web Application ✅ Burp Suite ✅ Python ✅ HTML, CSS and Javascript
✅ Reversing APK ✅ Nmap ✅ Golang ✅ PHP
✅ Linux/Windows ✅ Nessus ✅ C# and Powershell ✅ Vue.js

My CVEs

CVE Name CVSS3 CVSS2 ExploitDB
CVE-2018-13832 All In One Favicon <= 4.6 - Multiple Stored Authenticated XSS 4.8 MEDIUM 🟠 3.5 LOW 🟢
CVE-2018-14430 Multi Step Form <= 1.2.5 - Multiple Unauthenticated Reflected XSS 6.1 MEDIUM 🟠 4.3 MEDIUM 🟠
CVE-2018-15571 Export Users to CSV <= 1.1.1 CSV Injection 8.6 HIGH 🔴 6.8 MEDIUM 🟠
CVE-2018-15873 Sentrifugo HRMS 3.2 - Blind SQL Injection 9.8 CRITICAL 🟣 7.5 HIGH 🔴
CVE-2018-15917 Jorani Leave Management System 0.6.5 - Cross-Site Scripting Persistente 5.4 MEDIUM 🟠 3.5 LOW 🟢
CVE-2018-15918 Jorani Leave Management System 0.6.5 - SQL Injection 5.4 MEDIUM 🟠 5.5 MEDIUM 🟠
CVE-2018-18478 Libre Network Monitoring System 1.43 - Stored Cross-Site Scripting 6.1 MEDIUM 🟠 4.3 MEDIUM 🟠
CVE-2018-18921 PHP Server Monitor 3.3.1 - Cross-Site Request Forgery 6.5 MEDIUM 🟠 5.8 MEDIUM 🟠
CVE-2018-18922 Ticketly 1.0 - Privilege Escalation 9.8 CRITICAL 🟣 5.0 MEDIUM 🟠
CVE-2018-18923 Ticketly 1.0 - Multiple SQL Injection 9.8 CRITICAL 🟣 7.5 HIGH 🔴
CVE-2018-19828 Integria IMS 5.0.83 - Cross-Site Scripting 6.1 MEDIUM 🟠 4.3 MEDIUM 🟠
CVE-2018-19829 Integria IMS 5.0.83 – Cross-Site Request Forgery 6.5 MEDIUM 🟠 5.8 MEDIUM 🟠
CVE-2019-7400 Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting 6.1 MEDIUM 🟠 4.3 MEDIUM 🟠
CVE-2019-15092 WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection 7.3 HIGH 🔴 6.0 MEDIUM 🟠
CVE-2019-19031 Easy XML Editor <= 1.7.8 - XML External Entity Injection 8.1 HIGH 🔴 5.5 MEDIUM 🟠
CVE-2019-19032 XMLBlueprint <= 16.191112 - XML External Entity Injection 8.1 HIGH 🔴 5.5 MEDIUM 🟠
CVE-2020-9038 Joplin through 1.0.184 allows Arbitrary File Read via XSS 5.4 MEDIUM 🟠 3.5 LOW 🟢
CVE-2021-43091 SQL Injection in yeswiki/yeswiki 7.5 HIGH 🔴 5.0 MEDIUM 🟠

Contact me

                                   

Made with ❤️ in Spain

Pinned Loading

  1. projectdiscovery/public-bugbounty-programs projectdiscovery/public-bugbounty-programs Public

    Community curated list of public bug bounty and responsible disclosure programs.

    Go 1.1k 370

  2. shodan-filters shodan-filters Public

    A list of shodan filters

    554 116

  3. OWASP-Calculator OWASP-Calculator Public

    🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment

    HTML 156 67

  4. UltimateCMSWordlists UltimateCMSWordlists Public

    📚 An ultimate collection wordlists of the best-known CMS

    87 24

  5. ipdiscover ipdiscover Public

    🔍 A simple tool to obtain long lists of ips from domains using goroutines

    Go 26 5

  6. tmb5cg/Fifa-Autobidder tmb5cg/Fifa-Autobidder Public

    Selenium-based bot that autobids and autobuys players on FIFA 23 Ultimate Team's transfer market

    Python 146 45