Title:web2py 操作系统命令注入漏洞 (CVE-2023-45158) Description:web2py是web2py开源的一个免费和开源的全栈企业框架。用于敏捷开发安全的数据库驱动的基于 Web 的应用程序。 web2py 2.24.1及之前版本存在安全漏洞,该漏洞源于存在操作系统命令注入漏洞,精心设计的Web请求可能会在Web服务器上执行任意操作系统命令。
File Snapshot
None
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.