https://scriptkittens.com en-us Fri, 05 Jun 2026 21:58:37 GMT https://scriptkittens.com/blog/two-sinks-one-shell/ https://scriptkittens.com/blog/two-sinks-one-shell/ ZoneMinder's event export concatenates monitor names directly into shell commands. One unsanitized source, two exec() sinks, and a payload that someone else can trigger for you. Fri, 05 Jun 2026 00:00:00 GMT investigato vulnerability-research php command-injection zoneminder rce https://scriptkittens.com/blog/file-read-because-why-not/ https://scriptkittens.com/blog/file-read-because-why-not/ A path traversal in Camaleon CMS that only triggers under a weird combination of Rails 8, the Solid trio, and an S3 backend. Found by accident. Reproduced through stubbornness. Mon, 16 Feb 2026 00:00:00 GMT investigato cve ruby path-traversal camaleon-cms vulnerability-research