Y
Hacker News
new
|
ask
|
show
|
jobs
by
revscat
4430 days ago
It is executing shell commands based on what you pass in through a request parameter. Since there is no filtering going on, you could, I suppose, pass in an entire bash script and have a good ol' time.