Hack the Galaxy

Security Research

This section details organizations hacked and lists my relevant CVES. The list will usually be incomplete due to NDA.

CVEs

CVE-2023-24069: Improper Cache Clearing in Signal Desktop ≤ 6.2.0

CVE-2023-24068: Incorrect Resource Transfer Between Spheres in Signal Desktop ≤ 6.2.0

CVE-2022-27226: CSRF to RCE in iRZ Mobile Routers through 2022-03-16

CVE-2021-45919: Studio 42 elFinder ≤ 2.1.31 Stored Cross-Site Scripting

CVE-2021-3442: Keybase Exposure of Sensitive Information to an Unauthorized Actor

CVE-2021-43032: XenForo ≤ 2.2.7 Stored XSS

CVE-2021-40875: Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulting in sensitive information exposure

CVE-2021-24495: Marmoset Viewer WordPress plugin < 1.9.3 Reflected XSS

CVE-2021-29662: Perl Data::Validate::IP Module Access Control Bypass

CVE-2021-27653: Pega Systems Improper Access Control

CVE-2021-28918: npm Netmask SSRF Bypass

CVE-2021-23827: Keybase Client Cleartext Storage of Sensitive Information

CVE-2020-27388: YOURLS 1.5 - 1.7.10, Multiple Stored Cross Site Scripting (XSS) Vulnerabilities in Admin Panel

CVE-2020-28360: npm private-ip SSRF Bypass (IP Phone Home)

CVE-2020-27403: TCL Android Smart TV Exposed File System Via HTTP

CVE-2020-28055: TCL Android Smart TV File Write Local Privilege Escalation