https://nitesculucian.github.io/Lucian NitescuExplore the personal blog of a cybersecurity expert with a rich history in Red Teaming, Penetration Testing, and Incident Response since 2017. Active in the cyber community through roles in DefCamp CTF and Romanian Cyber Security Challenges, plus contributions to the bug bounty community. 2024-03-17T00:08:54+02:00 Lucian Nitescu https://nitesculucian.github.io/ Jekyll © 2024 Lucian Nitescu /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png Creating environments for researching vulnerabilities with Digital Ocean2024-03-16T21:11:55+02:00 2024-03-16T21:11:55+02:00 https://nitesculucian.github.io/2024/03/16/creating-environments-for-researching-vulnerabilities-with-do/ Lucian Nitescu In cybersecurity, staying one step ahead of potential threats is crucial. This proactive approach is beneficial and necessary for bug bounty hunters, security researchers, and IT professionals who strive to safeguard digital assets from vulnerabilities. One effective way to achieve this is by setting up an environment tailored for researching known vulnerabilities. Such an environment allows us... Get started with Digital Ocean (DO) Droplets (VPS)2024-03-15T21:53:12+02:00 2024-03-15T21:53:12+02:00 https://nitesculucian.github.io/2024/03/15/get-started-with-digital-ocean-(do)-droplets-(vps)/ Lucian Nitescu What is the Digital Ocean? Digital Ocean is a cloud infrastructure provider that offers simplicity, scalability, and reliability for developers and businesses. Users can quickly deploy, manage, and scale applications with its intuitive platform. Digital Ocean provides various services, including Droplets (virtual private servers), managed databases, and object storage solutions, making it a ve... Wordpress About Author <= 1.3.9 Authenticated Stored XSS2019-10-25T17:24:00+03:00 2019-10-25T17:24:00+03:00 https://nitesculucian.github.io/2019/10/25/about-author-1-3-9-authentificated-stored-xss-vulnerability/ Lucian Nitescu A vulnerability has been identified in the WordPress “About Author” plugin versions lower than or equal to 1.3.9. This plugin is affected by an authenticated Stored Cross-site scripting (XSS) vulnerability. This means that an attacker with a valid account on the WordPress website could inject malicious code into the plugin, which could be executed whenever a user views the affected page. This... Wordpress Groundhogg <= 2.0.8.1 Authentificated Reflected XSS2019-10-23T21:50:00+03:00 2019-10-23T21:50:00+03:00 https://nitesculucian.github.io/2019/10/23/groundhogg-1-3-2-authentificated-reflected-xss-vulnerability/ Lucian Nitescu Wordpress Groundhogg plugin with a version lower then 2.0.8.1 is affected by an authenticated Reflected Cross-site scripting (XSS) vulnerability. Intial submission of the vulnerability # Exploit Title: Wordpress Groundhogg <= 2.0.8.1 Authenticated Reflected XSS Vulnerability # Date: 22-10-2019 # Exploit Author: Lucian Ioan Nitescu # Contact: https://twitter.com/LucianNitescu # Webiste: h... Wordpress Groundhogg <= 1.3.11.13 Authentificated SQL Injection2019-10-23T17:47:00+03:00 2019-10-23T17:47:00+03:00 https://nitesculucian.github.io/2019/10/23/groundhogg-1-3-2-authentificated-sql-injection-vulnerability/ Lucian Nitescu Wordpress Groundhogg plugin with a version lower than 1.3.11.13 is affected by an Authenticated SQL Injection vulnerability. Intial submission of the vulnerability # Exploit Title: Wordpress Groundhogg <= 1.3.11.13 Authenticated SQL Injection Vulnerability # Date: 23-10-2019 # Exploit Author: Lucian Ioan Nitescu # Contact: https://twitter.com/LucianNitescu # Webiste: https://nitesculucia...