Closed ztz472947849 closed 5 years ago
Admin login required.
FileManager.java
```java
private String sanitize(String var) {
    String sanitized = var.replaceAll("\\<.*?>", "");
    sanitized = sanitized.replaceAll("http://", "");
    sanitized = sanitized.replaceAll("https://", "");
    sanitized = sanitized.replaceAll("\\.\\./", "");
    return sanitized;
}
```
The regex expression "\.\./" is designed to filter out "../", while "..././" totally bypasses it. It leads to arbitrary file read and directory traversal using the admin portal's file manager.
"../" won't work
"..././" works.
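As an added illustration (not code from the project or the reporter), the reported filter is reproduced beside a canonical-path check: resolving the input against the permitted root and normalizing it rejects anything that leaves that root, regardless of how the traversal sequence was spelled. The root /srv/files and the sample inputs are constructed values.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

public class PathCheckDemo {
    // The single-pass filter from the report, for comparison. replaceAll does not
    // rescan its own output, so one deletion of "../" inside "..././" leaves "../".
    static String sanitize(String var) {
        String sanitized = var.replaceAll("\\<.*?>", "");
        sanitized = sanitized.replaceAll("http://", "");
        sanitized = sanitized.replaceAll("https://", "");
        sanitized = sanitized.replaceAll("\\.\\./", "");
        return sanitized;
    }

    // Hardened alternative (assumed name, not the project's API): resolve the
    // user-supplied path against the permitted root, normalize away every "."
    // and ".." component, and require the result to remain under that root.
    // An absolute input replaces the root on resolve() and is rejected as well.
    static boolean isWithinBase(Path baseDir, String userPath) {
        Path base = baseDir.toAbsolutePath().normalize();
        Path resolved = base.resolve(userPath).normalize();
        return resolved.startsWith(base);
    }

    public static void main(String[] args) {
        Path base = Paths.get("/srv/files");            // constructed sample root
        String bypass = "..././etc/passwd";             // pattern from the report
        String benign = "docs/readme.txt";              // constructed ordinary name

        // What the original filter actually returns for the reported input.
        System.out.println("sanitize(\"" + bypass + "\") = " + sanitize(bypass));

        // The canonical-path check decides on the normalized result, so the
        // filtered bypass string is rejected while a normal file name is allowed.
        System.out.println("bypass allowed: " + isWithinBase(base, sanitize(bypass)));
        System.out.println("benign allowed: " + isWithinBase(base, benign));
    }
}
```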
Handled; it will be updated in the next version.