dompdf-rce
dompdf-rce copied to clipboard
Published
20 hours ago •
positive-security
positive-security
Bad instructions
Using this in a CTF and in the README you use PHP to host the css and php file for the exploit. In order for this exploit to work you need to return the php file with the tags but it gets executed when you use a PHP server of course.
Hosting with python works:
python3 -m http.server 9001
