visitor@0xManticore:~$whoami
0xManticore
Saleh Elsayed (Senior Cybersecurity Consultant)
I am an offensive security specialist. I run penetration tests and red team engagements across web, API, mobile, network, Active Directory, and cloud environments, and I do vulnerability research and bug bounty hunting. My work is finding the way in before someone else does, then writing it up clearly enough to get fixed.
git log --author=vendors
Hall of Fame
and many more across public and private programs
- 5+yrsin offensive security
- 2000+vulnerabilities found
- 10+industry certifications
- 4published CVEs
cat ~/certs
Certifications
OffSec Experienced Penetration Tester
OffSec Web Expert
OffSec Certified Professional
OffSec Wireless Professional
CREST Registered Penetration Tester
CREST Practitioner Security Analyst
Hack The Box Certified Web Exploitation Specialist
Kali Linux Certified Professional
history
Work History
ls ~/research
Research and CVEs
- CVE-2026-20233CVSS 6.1 · Medium
Cisco Webex Meetings · Cisco
Insufficient input validation in the Webex Meetings web interface let an unauthenticated attacker run script in a targeted user’s browser through a crafted link.
- CVE-2026-7798CVSS 5.4 · Medium
FluentCRM · CRM and email marketing platform
An unauthenticated request could make the application issue server-side requests to attacker-chosen destinations, a path toward internal services. Affected up to version 2.9.87.
- CVE-2026-39449CVSS 7.1 · High
Contact Form to Any API · WordPress plugin, IT Path Solutions
An unauthenticated attacker could run script in a visitor’s browser through a crafted request, affecting all plugin versions up to 3.0.3.
- CVE-2026-57326CVSS 6.1 · Medium
Business Directory · WordPress plugin, Strategy11
An unauthenticated attacker could run script in the browser of a user viewing an affected page. Fixed in version 6.4.23.
ls ~/writeups
Selected write-ups
A reflected XSS in Cisco Webex Meetings, and what a clean disclosure looks like
Notes on reporting CVE-2026-20233, an unauthenticated reflected cross-site scripting issue in the Webex Meetings web interface, and the process that turned it into a fixed product and a named credit.
Unauthenticated SSRF in WordPress plugins, and the callback pattern that keeps producing it
A field note on the class of bug behind CVE-2026-7798 in FluentCRM. When a plugin fetches a URL supplied in an unauthenticated request, an allowlist is not optional. Educational only, no weaponization.
cat ~/ctf
Competitions and awards
- 1st2022
the largest CTF competition in Malaysia, UiTM
- 1st2022
HackTheBox Malaysia leaderboard
national ranking, Jun 2022 to Jan 2023
- 1st2022
individual competition
- 1st2020 and 2021
ASEAN Student Contest on Information Security, represented Malaysia
- 2nd2024
hosted by Nexus and CyberTalents
- 2nd2023
rawSEC 24-hour CTF, UiTM
- 2nd2021
F-Secure and MDEC Cybersecurity Competition
national competition
- 3rd2021
Asia Pacific University
cat ~/talks
Speaking
Speaker
Prompt Injection: A Newly Emerging Threat in the World of Artificial Intelligence
Riyadh, one of the largest cybersecurity conferences in the region.
speaker profile
./contact.sh
Get in touch
The fastest way to reach me is email. I am happy to talk about assessments, research, disclosure, or anything else on this page.
contact@0xmanticore.com




