@pentest-tools.com on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Pentest-Tools.com

pentest-tools.com

did:plc:rdesfgypi36dlzlnlxze7vdp

"It's just dev mode." PTT-2025-028 / CVE-2026-30461 disagrees. Any authenticated user on a FuelCMS dev instance can drop a PHP shell via git submodule and call it from the browser. One HTTP request. Full RCE. CVSS 8.8 High. #offensivesecurity #vulnerabilityresearch

2026-04-09T10:41:22.292Z