Update about

Author: PSDat123

_posts/2024-11-13-CVE-2024-53900.md

@@ -1,5 +1,5 @@
 ---
-title: CVE-2024-53900
+title: CVE-2024-53900 + CVE-2025-23061
 date: 2024-12-19 20:03 +0700
 tags: [web, CVE]
 categories: [CVE]

_tabs/about.md

@@ -6,11 +6,13 @@ order: 4
 
 Hello, my name is Dat2Phit, I'm currently a final year IT student majoring in Software Engineering (but I like web security more) at HCMUS and also the president of [Computer Security Club - University of Science, VNU - HCM](https://www.facebook.com/hcmus.compsec.club)
 
-My main focus is web exploitation, I'm currently playing for my club's team, [blackpinker](https://ctftime.org/team/155048).
+My main focus is web exploitation, I'm currently playing ctf for [DeadSec](https://deadsec.team/) and my club's team, [blackpinker](https://ctftime.org/team/155048).
 
 I mainly train on dreamhack, the challenges there are really creative and fun, here's my profile [link](https://dreamhack.io/users/30626).
 ## CVEs
-- [CVE-2024-53900](https://nvd.nist.gov/vuln/detail/CVE-2024-53900) (mongoose)
+- [CVE-2024-53900](https://nvd.nist.gov/vuln/detail/CVE-2024-53900): Mongoose remote code execution
+- [CVE-2025-0465](https://nvd.nist.gov/vuln/detail/CVE-2025-0465): Unauthenticated RCE in AquilaCMS
+- [CVE-2025-23061](https://nvd.nist.gov/vuln/detail/CVE-2025-23061): Bypassed the patch for [CVE-2024-53900](https://nvd.nist.gov/vuln/detail/CVE-2024-53900)
 
 ## Achievements