rce-proof.htm
title = "RCE Proof of Concept"
url = "/rce-proof"
layout = "default"
==
<?php
RajChowdhury240
/ final-finding.htm
Created
January 20, 2026 01:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| title = "SSTI RCE Final Findings" | |
| url = "/ssti-findings" | |
| layout = "default" | |
| == | |
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <title>SSTI RCE Research - Final Findings</title> | |
| <style> |
RajChowdhury240
/ final-ssti.htm
Created
January 20, 2026 01:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| title = "Final SSTI Exploit" | |
| url = "/final-ssti" | |
| layout = "default" | |
| == | |
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <title>SSTI Safe Mode Bypass - FINAL</title> | |
| <style> |
RajChowdhury240
/ minimal-ssti.htm
Created
January 20, 2026 01:43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| title = "Minimal SSTI Test" | |
| url = "/minimal-ssti" | |
| layout = "default" | |
| == | |
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <title>Minimal SSTI Exploitation</title> | |
| <style> |
RajChowdhury240
/ october-cms.md
Created
January 19, 2026 23:43
RajChowdhury240
/ dum.md
Created
January 17, 2026 22:52
RajChowdhury240
/ opencode-research.md
Created
January 17, 2026 00:42
⏺ security-vulnerability-hunter(Find additional RCE vulnerabilities) ⎿ Done (32 tool uses · 121.7k tokens · 4m 28s)
⏺ 🚨 Found Multiple Additional RCE Vulnerabilities!
I discovered 4 CRITICAL new RCE vulnerabilities beyond the original CVE. Here's the most dangerous one:
🔴 CRITICAL: Git Command Injection in GitHub Actions Integration
RajChowdhury240
/ vuln-report.md
Created
January 15, 2026 00:18
RajChowdhury240
/ typo3-CMS-RCE.md
Created
January 15, 2026 00:04
RajChowdhury240
/ tf.md
Created
January 14, 2026 15:43
RajChowdhury240
/ ssti-pycrocms-rce.py
Created
January 14, 2026 09:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from bs4 import BeautifulSoup | |
| from urllib.parse import urljoin | |
| def login(session, url, email, password): | |
| login_url = urljoin(url, '/admin/login') | |
| response = session.get(login_url) | |
| soup = BeautifulSoup(response.content, 'html.parser') | |
| token = soup.find('input', {'name': '_token'})['value'] |
NewerOlder