mirror of
https://github.com/github/codeql.git
synced 2025-12-20 18:56:32 +01:00
12 lines
227 B
Python
12 lines
227 B
Python
|
|
import os
|
|
|
|
from flask import Flask, request
|
|
app = Flask(__name__)
|
|
|
|
@app.route("/command1")
|
|
def command_injection1():
|
|
files = request.args.get('files', '')
|
|
# Don't let files be `; rm -rf /`
|
|
os.system("ls " + files)
|