There are any files uploaded in the background of your website, you can upload PHP files, so that if the administrator password is leaked, the file uploaded through here can be directly getshell, take over the web
example:
I think you should limit the type of file you upload
The text was updated successfully, but these errors were encountered:
There are any files uploaded in the background of your website, you can upload PHP files, so that if the administrator password is leaked, the file uploaded through here can be directly getshell, take over the web


example:
I think you should limit the type of file you upload
The text was updated successfully, but these errors were encountered: