KENZIY

|

HackerOne Openbugbounty PentesterLab HackerRank

$ Companies I've Hacked

~/targets

$ CVE Discoveries

CVE-2025-6986 MEDIUM 6.5

FileBird — WordPress Media Library Folders & File Manager ≤ 6.4.8

SQL Injection via the 'search' parameter allows authenticated attackers with Author-level access to extract sensitive database information.

CWE-89 · SQL Injection

CVE-2025-6977 MEDIUM 6.1

ProfileGrid — User Profiles, Groups and Communities ≤ 5.9.5.4

Reflected Cross-Site Scripting (XSS) in pm_get_messenger_notification allows unauthenticated attackers to inject malicious scripts via crafted links.

CWE-79 · Cross-site Scripting

$ Certifications

Hacking

PentesterLab - Code Review Badge May 2025 - No Expiration Date
PentesterLab - PCAP Badge May 2025 - No Expiration Date
PentesterLab - Serialize Badge April 2023 - No Expiration Date
PentesterLab - White Badge December 2022 - No Expiration Date
PentesterLab - Unix Badge December 2022 - No Expiration Date
PentesterLab - Essential Badge October 2022 - No Expiration Date
PentesterLab - HTTP Badge July 2022 - No Expiration Date
PentesterLab - Android Badge July 2022 - No Expiration Date

Programming

HackerRank - JavaScript (Basic) Certificate April 2023 - No Expiration Date
HackerRank - SQL (Intermediate) Certificate December 2022 - No Expiration Date
HackerRank - SQL (Basic) Certificate December 2022 - No Expiration Date
HackerRank - CSS Certificate December 2022 - No Expiration Date

Trainings

Introduction to Penetration Testing February 2025 - No Expiration Date
AI in Modern Programming April 2023 - No Expiration Date
Defending Against Email Phishing April 2023 - No Expiration Date
WordPress Webinar Guest Speaker Certificate April 2022 - No Expiration Date

$ Education

Bachelor of Science in Information Technology

2014 - 2018