Veshraj Ghimire's Projects
30 Days of PHP source code analysis
Simple Python program to execute terminal commands on Telegram chats directly.
Need your first PR for Hacktoberfest 2k21? Come on in.
Some files for bruteforcing certain things.
BBT - Bug Bounty Tools
A simple script just made for self use for bypassing 403
Official repository for Concrete CMS development
An awesome beginner-friendly repo to help you in open-source contributions. Made specifically for contributions in HACKTOBERFEST 2020! Push any code in any language you want. Please leave a star ⭐ to support this project! ✨
The plugin does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visits a post in the frontend made by such a user. As a result, a user with a role as low as author could perform Cross-Site Scripting attacks against users, which could potentially lead to privilege escalation when an admin views the related post/s.
The plugin does not prevent HTML files from being uploaded via its form, allowing an unauthenticated user to upload a malicious HTML file containing JavaScript, for example, which will be triggered when someone accesses the file directly.
WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields
The plugin, used as a companion for the Discy and Himer themes, does not sanitise and escape a parameter on its reset password form, which makes it possible to perform Reflected Cross-Site Scripting attacks.
WPQA < 5.5 - Unauthenticated Private Message Disclosure
https://english.ncsc.nl/contact/reporting-a-vulnerability-cvd
Join the GitHub Graduation Yearbook and "walk the stage" on June 5.
Most of the Google Acquisitions for Bug Bounty Hunter.
Do you know about HTML, CSS, Python, C, C++ and JS? We want to create a simple website with various functionalities, pages, and designs. Drop your projects in the projects directory. You can add HTML files, CSS, JS, or anything else that can contribute to a website. You can also contribute your projects under the projects directory respectively.
Tutorials and Things to Do while Hunting Vulnerability.
A Google Keep clone where you can store notes in your browser. You can contribute by adding features or fixing existing ones.
A multilingual, extensible, community oriented CMS developed in PHP
Collection of blogs/publications by Nepali devs.
Collection of useful Node.js snippets
Community curated list of templates for the nuclei engine to find security vulnerabilities.
https://blog.veshraj.info.np/
Enumerate most common password patterns with custom keyword.