Vulnerability location app/Controller/Admin/Api/App.php uninstall()
The system does not verify the post value so we can input anything
Delet chain
but it has waf we can use url encode bypass it
pyload
we send the post the we can see All files in this directory have been deleted
lizhipay
commented
1 year ago
Vulnerability location app/Controller/Admin/Api/App.php uninstall()
The system does not verify the post value so we can input anything
Delet chain
but it has waf we can use url encode bypass it
pyload
we send the post the we can see All files in this directory have been deleted
