Carlos Bello

icon indicating a website link https://gist.github.com/Retr02332 icon indicating an email [email protected]

icon location Colombia icon location Our intelligence is the most powerful tool we can have, and it is in our hands to use it to learn, imagine and create.

Results 8 issues of Carlos Bello

The functionality change image allows access to local ports (SSRF).

## Bug description In PartKeepr before v1.4.0, the functionality to upload attachments using a URL when creating a part, does not validate that requests can be send to local ports,...

Bug
needs-triage

XSS in [demo.partkeepr.org]

# Bug description In PartKeepr versions up to and including 1.4.0, the attachment upload functionality allows an authenticated remote attacker to achieve an XSS on the application by uploading an...

Bug
needs-triage

There is a flaw in the mechanism for getting in and accepting invitations in a closed circle.

2 comment

Hello nextcloud team The version of the software and the app I use are as follows: Nextcloud 21.0.2 Circles 0.21.2 When a person wants to join a closed circle, they...

Critical Vulnerability

Hi Gridea team !! I sent a security report to the email you indicate, but the email is not getting through, according to gmail support. Do you have another email?...

question

Security Vulnerability

3 comment

Hi !! Do you have an email address where I can send a security vulnerability? Regards.

Security vulnerability

Hi, Any email to contact the security team? Regards.

Vulnerabilities found in laundry

Do you have an email where I can send you a couple of vulnerabilities I found in your software?

Critical security vulnerability

Hi @fraserxu, Any email where I can send a security report of a critical vulnerability I found in this application? Regards.