The administrator will use the beforeSave function in the /common/models/AdminUser.php file to modify the avatar.
This function will call Util's handleModelSingleFileUpload function.
Following the handleModelSingleFileUpload function, we find that it directly calls the upload function without filtering the file name.
We followed up the saveAs function and found that the temporary file was moved directly to a file name that had not been validated.
Vulnerability verification
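The call chain described above passes the client-supplied file name to saveAs unchanged. As an added example (not the project's code and not part of the original report), this is a validation step that could run before saveAs. `safeAvatarName` and `AVATAR_TYPES` are hypothetical names, and the allowlist of image types is an assumption.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helper, not code from the project discussed above.
const AVATAR_TYPES = [          // allowlist: sniffed MIME type => stored extension
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/**
 * Returns a server-generated file name for an uploaded avatar, or null to reject it.
 * $clientName is the name sent by the browser; $tmpPath is the uploaded temp file.
 */
function safeAvatarName(string $clientName, string $tmpPath): ?string
{
    // Extension claimed by the client; used only as a consistency check.
    $claimed = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if ($claimed === 'jpeg') {
        $claimed = 'jpg';
    }
    // Type determined from the file content, not from client-supplied headers.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime === false || !isset(AVATAR_TYPES[$mime])) {
        return null;
    }
    if (AVATAR_TYPES[$mime] !== $claimed) {
        return null;
    }
    // The content must also parse as an image.
    if (@getimagesize($tmpPath) === false) {
        return null;
    }
    // Never reuse any part of the client's name in the stored path.
    return bin2hex(random_bytes(16)) . '.' . AVATAR_TYPES[$mime];
}

// Constructed sample input: a 1x1 GIF and a small PHP script, written to temp files.
$gif = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($gif, base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'));
$php = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($php, "<?php echo 'x';");

var_dump(safeAvatarName('me.gif', $gif));   // image content with a matching name
var_dump(safeAvatarName('me.php', $gif));   // image content, script extension
var_dump(safeAvatarName('me.gif', $php));   // script content, image extension
unlink($gif); unlink($php);
```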