
Arbitrary file download vulnerability #76

Closed
QiAnXinCodeSafe opened this issue Oct 12, 2018 · 1 comment


Comments

@QiAnXinCodeSafe

Hello:
The 360 Code Safe team found an arbitrary file download vulnerability in the litemall project; please confirm. Details are as follows:
The file WxStorageController.java provides a file download function.
However, because the file name is not validated, a malicious attacker can download files of any type, and can use ../ to traverse upward and download files from any path.

@linlinjava
Owner

Many thanks for the help on security. Here I have added validation against the ../ string: 49ab94d0052672d4fb642505d44b94a18abea332.
However, I relaxed the validation of the file name; for now I think downloading files of arbitrary types does not matter.
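As an added example (not litemall's code, and not the contents of the commit referenced above), the following Java compares a substring check for `../`, of the kind the reply describes, with a canonical-path containment check that also rejects a bare `..` segment and absolute paths; the storage root and the sample keys are constructed for illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

public class DownloadPathCheck {
    // Hypothetical storage root; the project's real configuration is not shown in the issue.
    static final Path STORAGE_ROOT =
        Paths.get("/srv/litemall/storage").toAbsolutePath().normalize();

    // Substring check of the kind the maintainer describes: rejects names containing "../".
    static boolean passesSubstringCheck(String key) {
        return key != null && !key.contains("../");
    }

    // Containment check: resolve the key against the root, normalize away ".." segments,
    // and accept only a path that still lies strictly inside the root.
    // Returns null when the key must be rejected.
    static Path resolveInsideRoot(String key) {
        if (key == null || key.isEmpty()) {
            return null;
        }
        // resolve() replaces the root entirely when the key is absolute (e.g. "/tmp/x"),
        // so the startsWith test below also catches absolute keys.
        Path candidate = STORAGE_ROOT.resolve(key).normalize();
        if (!candidate.startsWith(STORAGE_ROOT) || candidate.equals(STORAGE_ROOT)) {
            return null;
        }
        // normalize() is lexical only; if the storage tree may contain symbolic links,
        // compare toRealPath() of candidate and root instead.
        return candidate;
    }

    public static void main(String[] args) {
        // Constructed sample keys: ordinary names plus the shapes a substring test
        // alone does not cover (a bare "..", an absolute path).
        String[] keys = {
            "photo.jpg", "2018/10/photo.jpg", "../secret.txt",
            "..", "/tmp/other.txt"
        };
        for (String key : keys) {
            Path resolved = resolveInsideRoot(key);
            System.out.printf("%-20s substring:%-5s containment:%s%n",
                key, passesSubstringCheck(key),
                resolved == null ? "REJECT" : resolved);
        }
    }
}
```

With these keys only the first two resolve; `..` and `/tmp/other.txt` pass the substring check but are rejected by the containment check.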
