uv (pip)
LowArbitrary File Deletion in uv via RECORD Entries
uv was published with a low severity advisory for arbitrary file deletion through crafted RECORD entries during uninstall.
GHSA-pjjw-68hj-v9mwGitHub Advisory
View referenceHi, I am
Andrew Lacambra
Full Stack Web Developer
I'm a Full Stack Web Developer with expertise in both frontend and backend technologies. I have experience working on web applications for agricultural management, security bug bounty hunting, and freelance web development projects. My skills span PHP, Laravel, MySQL, HTML, Tailwind, as well as modern web technologies.
Experience
My professional journey
Full Stack Web Developer
October 2024 - PresentPrivate Company
- Developed and maintained web applications for agricultural management, improving user experience and functionality.
- Collaborated with cross-functional teams to design and implement new features based on client requirements.
- Optimized backend services for performance and scalability using Laravel and MySQL.
- Managed server deployment and hosting infrastructure for production applications.
Independent Security Researcher
June 2021 - PresentBugcrowd
- Identified and reported security vulnerabilities in web applications, contributing to safer online environments.
- Collaborated with triage teams to understand and remediate reported issues.
- Utilized various tools and techniques to perform comprehensive security assessments.
- Conducted penetration testing on web applications and infrastructure.
Independent Security Researcher
June 2021 - PresentHackerOne
- Identified and reported security vulnerabilities in web applications, contributing to safer online environments.
- Collaborated with triage teams to understand and remediate reported issues.
- Utilized various tools and techniques to perform comprehensive security assessments.
- Participated in private and public bug bounty programs.
Web Developer
January 2018 - PresentFreelance
- Designed and developed custom websites for small businesses and individuals, enhancing their online presence.
- Provided ongoing maintenance and updates to ensure optimal website performance.
- Collaborated with clients to understand their needs and deliver tailored solutions.
- Managed hosting, domain setup, and server configuration for client projects.
Tech Stack
Technologies I work with
Web Development
PHPHTMLCSSMySQLJavaScriptTypeScriptNext.jsReactNode.jsAPIsREST APIsGraphQL
Libraries & Frameworks
LaravelTailwindPrismaStripeShadCN
Cybersecurity
Web Application SecurityVulnerability AssessmentPenetration TestingOWASP Top 10Bug BountySecurity Tools
DevOps
GitHub ActionsCI/CDDockerAWSVercelCloudflareLinuxBash ScriptingServer ManagementDeploymentNginxApache
Tools
GitVS CodePostmanFigmaBurp SuiteNmapWireshark
Featured Projects
Some things I've built
Detasseling Management System
A web application for managing the detasseling process in corn production, allowing users to track and optimize their workflows.
PHPHTMLTailwindMySQLLinuxNginx
Fleet Management System
A web application for managing vehicle fleets, allowing users to track vehicle status, maintenance schedules, and driver assignments.
PHPHTMLTailwindMySQLLinuxApache
Published Advisories
Security disclosures and research findings
rack (RubyGems)
LowRack Multipart Parsing Differential and WAF Bypass
Rack's greedy multipart boundary parsing can cause parser differentials and WAF bypass scenarios.
CVE-2026-26961NVD
View referencen8n (npm)
HighSQL Injection in n8n Data Table Node
n8n has a high severity SQL injection in the Data Table node via the orderByColumn expression.
CVE-2026-33713NVD
View referenceGet In Touch
Let's work together
Let's talk about your next project
Feel free to reach out for collaborations, freelance projects, or full-time opportunities. I'd be happy to hear from you. Fill out the form or contact me directly via email to connect.
Email me at
alacambradev@gmail.com
Based in
Pangasinan, Philippines