Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2013-2186 PoC — Apache Commons FileUpload 输入验证错误漏洞

Source
https://github.com/sa1g0n1337/CVE_2013_2186
Associated Vulnerability
Title:Apache Commons FileUpload 输入验证错误漏洞 (CVE-2013-2186)
Description:The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.
Description
Source code for CVE-2013-2186
Readme
# CVE_2013_2186
Source code for CVE-2013-2186
File Snapshot

 [4.0K]  /data/pocs/a5ef55451083443599c376d29b41dc184837e540
├── [1.2K]  pom.xml
├── [  46]  README.md
└── [4.0K]  src
    └── [4.0K]  main
        ├── [4.0K]  java
        │   └── [4.0K]  vn
        │       └── [4.0K]  spl4yer
        │           └── [4.0K]  servlet
        │               ├── [ 851]  CreateFile.java
        │               ├── [2.5K]  FileUploadServlet.java
        │               ├── [3.1K]  HandleFileUpload.java
        │               └── [ 797]  User.java
        └── [4.0K]  webapp
            ├── [ 585]  index.jsp
            ├── [ 496]  result.jsp
            └── [4.0K]  WEB-INF
                └── [1001]  web.xml

8 directories, 9 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →