railsgoat icon indicating copy to clipboard operation
railsgoat copied to clipboard

Published 20 hours ago verified publisher icon OWASP

Undocumented Remote Code Execution Vulnerability

Open pich4ya opened this issue 7 years ago • 1 comments

There is a Wiki page for Extras: Remote Code Execution but no real RCE exploit is demonstrated there. Here it is.

Exploit: https://gist.github.com/pich4ya/8bea4a60f70f984afc872cd1109aa7a7

screen shot 2561-02-05 at 09 03 03

pich4ya avatar Feb 05 '18 02:02 pich4ya

Thank you @pich4ya - we'll definitely add this 🙇

cktricky avatar Feb 09 '18 14:02 cktricky