Pentest-Tools.com, Security Research Lead
Full time security researcher living his life one CVE at a time. Will need to find a new way to measure time if CVEs are not a thing anymore.
Full time security researcher living his life one CVE at a time. Will need to find a new way to measure time if CVEs are not a thing anymore.
FuelCMS v1.5.2 might be an older, largely unmaintained project, but its codebase is still highly combustible. In our latest research sprint, we uncovered seven new vulnerabilities lurking under the hood. Read the full article to see the raw HTTP requests, learn how we bypassed brute-force rate limits, and watch us turn simple template syntax into a full system compromise.
Ever wondered what you can still do with 25-year-old code in a modern hosting environment? PTT-2025-021 was quite the journey! Unpack this (potentially Remote) Code Execution vulnerability we discovered and disclosed, which lets you bypass restricted environments like cPanel's jailshell. In part 1 of 3, we break down how an unsafe Perl "open" function became our ticket to a executing arbitrary system commands - and how the exploit works.
Here's how we weaponized SessionReaper (CVE-2025-54236) against Magento 2, chaining ServiceInputProcessor quirks and a session proxy setter to forge customer sessions and hijack accounts. Our lab-tested PoC exposes attack surface, a possible preauth RCE, and an automated exploit - a practical walkthrough for researchers who like coffee strong and bugs reliable.
