  • geng@infosec.exchange
    ZAST Agent has identified 14 vulnerabilities in pybbs (tomoya92/pybbs, 2.9k+ GitHub Stars). The attack surface includes 8 XSS vectors, CSRF on admin endpoints, and CAPTCHA reuse.

    Traditional SAST, which focuses on pattern matching, does not analyze logic flaws like email bypass or multi-stage flows (Stored XSS via /api/settings). Our engine verified every attack path, from payload persistence to triggering admin-level execution, via executable PoCs. This minimizes the triage effort required for these validated findings.

    Repo: https://github.com/tomoya92/pybbs
    Full Technical Details: https://blog.zast.ai/security%20research/Security-Advisory-7-Unpatched-Vulnerabilities-in-Prime-(CMS)-GraphQL-Implementation/

    #AppSec #ZAST #VulnerabilityResearch #Java #XSS
  • pentesttools@infosec.exchange
    Most research write-ups stop at the "what." We're documenting the "how".

    The new Research Hub at Pentest-Tools.com (led by Matei Badanoiu) shares the full discovery path, from initial anomalous behavior to functional exploit chains. We're prioritizing technical logic and field constraints over sanitized summaries to help the hacker community sharpen their methodology.

    Full path to discovery: https://pentest-tools.com/research

    #infosec #vulnerabilityresearch
  • pentesttools@infosec.exchange
    Seven bugs. One unauthenticated RCE chain. Zero clicks.

    This original research by our offensive security team into FuelCMS (v1.5.2) uncovered seven new vulnerabilities. By chaining some of them, we achieved Remote Code Execution (RCE).

    The root causes? A *12-year-old Dwoo templating engine* and *outdated CodeIgniter3 code* still lurking in production systems.

    The exploit chain combines:
    - Account takeover (PTT-2025-025): reset password tokens leaked by sending them to the attacker's inbox
    - SQL injection (PTT-2025-030): usernames extracted during password reset (optional step)
    - PHP code execution (PTT-2025-026): unsanitized backslashes in the Dwoo parser resulting in RAW PHP CODE EXECUTION

    Result: full web app compromise.

    We published the full exploit chain on our blog post so practitioners can reproduce and validate the findings. Read the detailed research here: https://pentest-tools.com/blog/throwing-a-spark-in-fuelcms

    Many thanks to Matei Badanoiu, Raul Bledea and Eusebiu Boghici for their contributions.

    #offensivesecurity #vulnerabilityresearch #pentesting #infosec

    Out of curiosity: how often do you still run into 10+ year-old libraries during engagements?
  • pentesttools@infosec.exchange
    We just launched the Offensive Security Research Hub on Pentest-Tools.com!

    This isn't a CVE recap page.

    Our #offensivesecurity team - led by Matei Badanoiu (CVE Jesus) - publishes original research: newly discovered vulnerabilities, deep technical write-ups, and full exploit chains built from real-world investigation.

    You'll see:
    - Working PoCs and reproducible exploit paths
    - The exact reasoning that turned strange behavior into confirmed impact
    - Field-tested analysis of edge cases, constraints, and trade-offs

    No summaries. No recycled advisories.

    This is practitioner-grade research from people who _actively_ hunt and validate vulnerabilities.

    If you want to understand how experienced attackers approach complex targets, start here.

    Bookmark this link, we're going to update it frequently with new learnings: https://pentest-tools.com/research

    #vulnerabilityresearch #ethicalhacking #infosec