Security Researcher, Penetration Tester, Software Engineer, Bionicle Enthusiast.
https://www.mathur.sh
- CVE-2023-30534: Insecure Deserialization of Filter Data in Cacti
- CVE-2022-35739: PRTG Network Monitor CSS Injection
- CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References
- CVE-2022-26653: ManageEngine Remote Access Plus Guest User Insecure Direct Object References
- CVE-2022-25373: ManageEngine Support Center Plus Stored XSS
- CVE-2022-25245: ManageEngine Asset Explorer Information Leakage
- CVE-2022-24681: ManageEngine AD Self Service Plus Stored XSS
- CVE-2021-38156: Nagios XI Stored XSS
- CVE-2021-29643: PRTG Network Monitor Stored XSS
- CVE-2021-31813: ManageEngine Applications Manager Stored XSS
- CVE-2021-28382: ManageEngine Key Manager Plus Stored XSS
- CVE-2021-27956: ManageEngine AD Self Service Plus Stored XSS
- Nagios XI 5.5.6-5.7.5 Command Injection Exploit Module for CVE-2021-25296, CVE-2021-25297, CVE-2021-25298
- Azure AD Login Scanner Module
- Microsoft RD Web Access Timing Attack Module
- Add CVE-2002-0422 Coverage to IIS Internal IP Module
See all my contributions to Metasploit here.
- Nuclei template for CVE-2023-30534
- Nuclei templates for CVE-2021-25296, CVE-2021-25297, and CVE-2021-25298
See a full list of my Nuclei contributions on GitHub here.