PGP key

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBFXIwTYBCACx+HDekh0eiPpqXZOfbrQKKrbc5VZw6dB1HSIHPXZ9ifGMhGow
T6f8+gYU4SSlN/T9KiamAzlA9Nz7QdgEcXPq8tMexKQnoCyDM0wSHqOB1en7RRTN
JdchOynTYzFWt+IBoQRGspQE1SXP2RLUwioedtDz+C21iyNMwR6OcCoCFfGV2eeZ
aFM7oCKwSz9oxCJ+D3SUv5U9AZjKFoV0B52dJVVzeaqtnO3lJi7dK8+NTNY5ML+N
3cacO9qnngoNJ/iy/AtjTdmX+XHgCuSnEbY2kh3A1uAyr5ygh1YQ7K4kG7I7AXo9
lgrzQY7/xg8+uSY0NS4kJG/OEDBxX+yhNNBhABEBAAG0J0Rhd2lkIEdvbHVuc2tp
IDxkYXdpZEBsZWdhbGhhY2tlcnMuY29tPokBOAQTAQIAIgUCVcjBNgIbAwYLCQgH
AwIGFQgCCQoLBBYCAwECHgECF4AACgkQU/e+VX9sCuRSmAf+MXvieaQiPYNgjey0
lVmvEw/+6EJ4DFZ203mLdrDwKLPSe0GrzbYyma2AA8XcWDimuhvsJLJ4Rt8j7F9W
G8kyaCh0ms/NTlSI3aI5ctcaX79WtmOLwfTo+rtl0czj/3ZMXHHnH1ky0M390VQ8
ixsk5Y53wAeTSrvN8Rwyg0x1ZHanwBmgDtFPa1ubYmFDHx/Ke1H57EvVMlyi4Yz5
vs58rqr3UNKxwoANQ0X38BGHZ7K1zObZGOwJGkuGt+K3LvBOLn7fbS1P4i6u5oIw
vJRDyq6ZWrLivkc3pypUV09jjQ9vQIRSXwhfCPwRb/U45SgnO5zTq8Ospb9qsG2E
remeaLkBDQRVyME2AQgArg35L60GCpwFjMGZ4KhHedD+ioaW08E4S9pCuxsE2kzC
D/0RfzAlKeCgvrULGCTXU4kcy3ODAeNlByEtF1SE7FlSteS1X12S4Kyn8RXhYhjI
XNwYzTGTStwprYMaRSEcIqCIAHa/dcOZzsiibf+G1phwKs7FU31TSgZrbpEjNdYO
AzFpeV7BqHoo2lMQJCDEN2EIb5KEQvNxyzFjyjHcnuJ/4GQRYF0xBcVqjoiqoedF
8Uib8WM9yFF+W21auZ+yURPp6HdqT6Cv6Qx2djpC3uKfms6VOJKBDVSiQhx/GcKh
dPAobFVDfOdeWj88v3RZyR9wwRAlur5qRVIzD75iTQARAQABiQEfBBgBAgAJBQJV
yME2AhsMAAoJEFP3vlV/bArktOoH/2ID21GHxsDX/x6cutapMuveK/4pmZ/U2jWr
r+urzFYKV+muezkJCm2qy02pcJYud1DxRY5aCe2J5m1WYGROnCm5CyBb8NiQLBeK
uzk4cK1fYqk35475dE+vHdnFdz1Td2laSafYze+M2KPX82YN4R/dGsOn8hR+39b4
WXS7zzoHh+KSwvs2ab6E8Nd3p4s0jvOvQo/+L52q1+iWSnzahXRTc3u1RHIzTf+f
X6NszAhli121jVQxLeaSuxkXyuKZM5IcFfojY55GSjLUblA1A+I2qmkcheA6rs4E
hZ+4m5DgtVG5+fJpoDLLxtKYp4hSxhd59Z9mlTWMqptK0WGkW48=
=vtjs
-----END PGP PUBLIC KEY BLOCK-----

LEGAL
HACK
ERS



Dawid Golunski

Information Security.

Security Research.

Legal/ethical Hacking.

Penetration Testing.

Contact

Security advisories

Some of the released advisories can be found below:


  1. vBulletin <= 5.2.2 Preauth Server Side Request Forgery (SSRF)
  2. GNU Wget < 1.18 Arbitrary File Upload / Remote Code Execution
  3. CakePHP Framework <= 3.2.4 IP Spoofing Vulnerability
  4. Exim <= 4.86.2 Local Root Privilege Escalation
  5. Google AdWords API PHP client library <= 6.2.0 PHP Code Execution
  6. Google AdWords API client libraries - XML eXternal Entity Injection (XXE)
  7. eBay Magento <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM
  8. eBay Magento <= 1.9.2.1 Unrestricted Cron Script (Potential Code Execution / DoS)
  9. Kirby CMS <= 2.1.0 Authentication Bypass via Path Traversal
  10. Kirby CMS <= 2.1.0 CSRF Content Upload and PHP Script Execution
  11. Zend Framework <= 2.4.2 XML eXternal Entity Injection (XXE) on PHP FPM
  12. Nagios - Nagios Plugins - check_dhcp = 2.0.2 Race Condition
  13. Nagios - Nagios Plugins - check_dhcp <= 2.0.1 Arbitrary Option File Read
  14. Nagios - NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution
  15. Zabbix <= 1.8.1 SQL Injection
  16. Invision Power Board <= 3.0.4 Local PHP File Inclusion and SQL Injection
  17. WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution