code
code copied to clipboard
totaljs
Online collaboration app for everyone.
Results
2
code issues
Sort by
recently updated
recently updated
newest added
Using the API `/api/common/ping` it's possible to achieve remote command execution on the host machine. This leads to complete control over the machine hosting the server. To reproduce the vulnerability:...
I recently stumbled upon [CVE-2022-44019](https://nvd.nist.gov/vuln/detail/CVE-2022-44019) and noticed that the fix implemented for it can be bypassed by using backticks. Backticks are used to execute a subcommand before the main command,...
