Closed mux1ng closed 2 years ago
漏洞文件:code/app/controller/PocsFile.php add()函数$filename和$content完全可控导致任意文件写入 POC: filename=../../../code/app/controller/a.php&content=123
已修复,感谢反馈~
漏洞文件:code/app/controller/PocsFile.php add()函数$filename和$content完全可控导致任意文件写入 POC: filename=../../../code/app/controller/a.php&content=123