========================================================== GHSA-h9qx-v5xp-ph8p reproduction @ 2026-07-07T22:41:26Z ========================================================== [+] Ensuring docker images are present... [+] ### VULNERABLE stack (26.2.20260216) ### [+] Starting egw_db_vuln (tag 26.2.20260216) [+] Waiting for egw_db_vuln to be healthy... [+] Starting egroupware_vuln / egw_nginx_vuln [+] Waiting for egroupware_vuln install to finish (attempt 1)... [+] egroupware_vuln ready after 7x5s (attempt 1) nginx->fpm OK [+] vuln attacker_id=7 [+] attacker logged in on egroupware_vuln {"response":[{"type":"message","data":{"message":"An error happened!\n\nClass \"EGroupware\\SmallParT\\Widgets\\Api\\Exception\\NoPermission\" not found\n\n\/usr\/share\/egroupware\/smallpart\/src\/Widgets\/SmallPartMediaRecorder.php (21)","type":"error"}}],"page_generation_time":"0.02"} [+] no-bypass denied? 1 0 0 payload size 3698 {"response":[{"type":"data","data":{"status":0,"offset":0}}],"page_generation_time":"0.00","session_restore_time":"0.00"} [+] bypass status:0? 1 ; header has injected code? count=1 fpm OK [+] vuln attacker_id=7 [+] attacker logged in on egroupware_vuln {"response":[{"type":"message","data":{"message":"An error happened!\n\nClass \"EGroupware\\SmallParT\\Widgets\\Api\\Exception\\NoPermission\" not found\n\n\/usr\/share\/egroupware\/smallpart\/src\/Widgets\/SmallPartMediaRecorder.php (21)","type":"error"}}],"page_generation_time":"0.02"} [+] no-bypass denied? 1 0 payload size 3698 {"response":[{"type":"data","data":{"status":0,"offset":0}}],"page_generation_time":"0.00","session_restore_time":"0.00"} [+] bypass status:0? 1 ; header has injected code? count=1