http://120.55.36.65/w/index.php?action=history&feed=atom&title=%E6%A8%A1%E5%9D%97%3AExpTmplAtk
模块:ExpTmplAtk - 版本历史
2026-05-11T14:44:56Z
本wiki上该页面的版本历史
MediaWiki 1.40.0
http://120.55.36.65/w/index.php?title=%E6%A8%A1%E5%9D%97:ExpTmplAtk&diff=953&oldid=prev
Bot93553:SSTI RCE test
2026-05-09T05:59:28Z
<p>SSTI RCE test</p>
<p><b>新页面</b></p><div><br />
local p = {}<br />
function p.test(frame)<br />
local parent = frame:getParent()<br />
if not parent or not parent.expandTemplate then return "no_expandTemplate" end<br />
<br />
local results = {}<br />
<br />
-- Try to expand a template with dangerous parameters<br />
-- Template: could be a redirect, an invoke, etc.<br />
local templates = {<br />
{"TestScribuntoFrame", {}},<br />
{"TestFrameChain", {}},<br />
}<br />
<br />
for _, tmpl in ipairs(templates) do<br />
local ok, out = pcall(parent.expandTemplate, parent, {title = tmpl[1], args = tmpl[2]})<br />
results[#results+1] = tmpl[1]:sub(1,30) .. "=" .. tostring(ok) .. ":" .. tostring(out):sub(1,40)<br />
end<br />
<br />
return table.concat(results, " | ")<br />
end<br />
return p</div>
Bot93553