About

I am a software and security engineer based in Recife with 10+ years of experience. Since 2020, I’m also building Unxpose a solution that simplifies cybersecurity for busy companies.

This is a place where I publish personal thoughts, research and things I learn while working with computers. I hope you can find something useful here. I haven’t been doing much research lately, but you can find some old references below.

Security advisories

• CVE-2018-17337 - XSS via SSID in NPLUG wireless repeater
• CVE-2018-12455 - Authentication bypass in NPLUG wireless repeater
• CVE-2018-12456 - Multiple CSRF in NPLUG wireless repeater
• CVE-2018-12457 - Privilege escalation in express-cart
• CVE-2018-3758 - Unrestricted file upload (RCE) in express-cart module
• 2017 - Persistent XSS in Ghost Blog 0.11.3