1.The location of the vulnerability is in taocms\include\Model\file.php from line 60 to line 72 and line 64 to determine whether the incoming folder is empty. Delete the empty folder. If it is not empty, it will not be deleted, but the incoming folder will not be deleted. File filtering.. And / although it is not possible to delete non-empty folders, but you can delete any file
2.Create a new file on disk d to delete it
3.Enter the background to find the file management function and find a file to delete
4.1.txt in the D drive directory and successfully deleted, it proves that you can indeed use ../ to jump to the directory to operate any file, but you need to pay attention to the folder can only delete empty folders
1.The location of the vulnerability is in taocms\include\Model\file.php from line 60 to line 72 and line 64 to determine whether the incoming folder is empty. Delete the empty folder. If it is not empty, it will not be deleted, but the incoming folder will not be deleted. File filtering.. And / although it is not possible to delete non-empty folders, but you can delete any file 2.Create a new file on disk d to delete it 3.Enter the background to find the file management function and find a file to delete 4.1.txt in the D drive directory and successfully deleted, it proves that you can indeed use ../ to jump to the directory to operate any file, but you need to pay attention to the folder can only delete empty folders