| Title | wander-chu SpringBoot-Blog 1.0 arbitrary file uploads |
|---|
| Description | The upload method in src/main/java/com/my/blog/website/controller/admin/AttachtController.java does not restrict the uploaded files, and can directly upload JSP and HTML Trojan files |
|---|
| Source | ⚠️ https://github.com/wander-chu/SpringBoot-Blog/issues/6 |
|---|
| User | LVZC2 (UID 76821) |
|---|
| Submission | 12/28/2024 10:13 AM (1 Year ago) |
|---|
| Moderation | 01/08/2025 03:51 PM (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 290794 [wander-chu SpringBoot-Blog 1.0 Admin Attachment AttachtController.java upload File unrestricted upload] |
|---|
| Points | 15 |
|---|