Research

I like to look for vulnerabilities in software. Below are some of the things I have found and received recognition for.

CVE	Vendor/Product	Advisory	Exploit	Coverage
CVE-2025-64328	FreePBX	GitHub: Authenticated Command Injection in FreePBX Administration GUI	Coming soon…
CVE-2025-34134	Nagios XI	Nagios: Changelogs Nagios: Security Disclosures VulnCheck	Coming soon…
CVE-2025-34287	Nagios XI	Nagios: Changelogs Nagios: Security Disclosures VulnCheck	Coming soon…
CVE-2025-34227	Nagios XI	Nagios: Changelogs Nagios: Security Disclosures	CVE-2025-34227_nagios-command-injection.txt
CVE-2024-13986	Nagios XI	Nagios: Changelogs Nagios: Security Disclosures	nagios_path-traversal_rce.txt
CVE-2021-42840	SuiteCRM	SuiteCRM release notes 7.11.19	Metasploit module	Metasploit blog post
CVE-2021-31933	Chamilo LMS	Chamilo Security tracker: Issue “#48	EDB-49867
No CVE	phpBB	phpBB Release	h1 Report 1018568
CVE-2020-4002	VMware VeloCloud	VMSA-2020-0025	Won’t be published	Help Net Security BleepingComputer
CVE-2020-28328	SuiteCRM	SuiteCRM release notes	EDB-49001

I also occasionally research or write exploits for vulnerabilities that other researchers discover

CVE	Discovery/Credit	Exploit
CVE-2020-16125	Github Security	exploit