Share
## https://sploitus.com/exploit?id=72E86D61-EC16-5F5D-BFFD-6CDB7361FA18
# Exploit Script Utility

![GitHub](https://img.shields.io/github/license/0romos/CVE-2022-35914)
![GitHub last commit](https://img.shields.io/github/last-commit/0romos/CVE-2022-35914)

## Overview

This repository contains a Python script designed to exploit CVE-2022-35914, a vulnerability in htmlLawed 1.2.5 that allows for Remote Code Execution (RCE). The script sends HTTP POST requests to a specified URL and executes arbitrary commands on the target system.

## CVE-2022-35914

- **Published**: 2022-09-15
- **CVE ID**: CVE-2022-35914
- **Impact**: Remote Code Execution
- **Affected Versions**: htmlLawed 1.2.5

## Usage

### Prerequisites

- Python 3.x
- Required Python packages (install using `pip install -r requirements.txt`)

### Running the Script

#### Single URL

To execute a command on a single target URL:

```bash
python3 exploit.py -u/--url <url> -c/--cmd <command>
```

## Fixes

To mitigate the vulnerability, it is recommended to update htmlLawed to a version that has addressed this vulnerability. Additionally, users should follow security best practices and regularly update their software to protect against known vulnerabilities.

## License

This project is licensed under the [MIT License](LICENSE).