About

My name is Daniele (aka @sk4) and I’m a security researcher. I help companies to improve their cybersecurity posture. In my spare time I’m a CTF player.

Articles

• Local Privilege Escalation via Zyxel VPN Client
• Zip Slip to RCE on Basercms - CVE-2021-41243
• CMS Made Simple from SQL-injection to RCE - CVE-2021-40961
• Have fun with file extension and file upload (cve-2019-16318)
• Weaponize ‘order by’ SQLi on WordPress Form Maker plugin (CVE-2019-10866)
• Exploiting RichFaces CVE-2018-12533 in a heavily firewalled box
• Polyglot PHAR’s deserialization for backdoored RCE (CVE-2019-10867)
• CMS Made Simple deserialization attack (CVE-2019-9055)
• SQL injection in Pimcore 6.2.3

Contacts

• Email: dscanu20[at]gmail[dot]com
• Twitter: @sk4pwn
• LinkedIn: Daniele Scanu