Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
1、在文章管理,编辑一篇文章,可以上传文章缩略图 2、查看代码中对上传文件的限制,不允许上传exe和jsp文件 3、在文章缩略图哪里上传图片,拦截数据包,修改filename为**.jsp. 注意jsp后有个点,即可绕过对上传文件的限制(在windows系统上会自动去除后缀的最后一点.) 4、由于代码中没有对../等特殊字符进行限制,我们通过修改uploadPath来实现任意目录穿越,这样我们可以吧jsp或exe文件上传到任意目录下。 5、我们访问返回的url即可(要去点最后一个点)
The text was updated successfully, but these errors were encountered:
Please, all the security problems should use English. for that could stop somebody with evil to do that.
Sorry, something went wrong.
Use mcms 5.1 version, the official has solved the problem
限制就是只能是目标机器为Windows😄
No branches or pull requests
1、在文章管理,编辑一篇文章,可以上传文章缩略图




2、查看代码中对上传文件的限制,不允许上传exe和jsp文件
3、在文章缩略图哪里上传图片,拦截数据包,修改filename为**.jsp. 注意jsp后有个点,即可绕过对上传文件的限制(在windows系统上会自动去除后缀的最后一点.)
4、由于代码中没有对../等特殊字符进行限制,我们通过修改uploadPath来实现任意目录穿越,这样我们可以吧jsp或exe文件上传到任意目录下。
5、我们访问返回的url即可(要去点最后一个点)
The text was updated successfully, but these errors were encountered: