제출 #251277: saysky ForestBlog 2023-12-13 Arbitrary file upload정보

제목saysky ForestBlog 2023-12-13 Arbitrary file upload
설명标题:ForestBlog ./admin/upload/img接口 存在任意文件上传漏洞 概述:ForestBlog 中发现了一个被归类为严重的漏洞。这会影响文件\controller\admin\UploadFileController.java。对非法后缀的过滤被绕过导致任意文件上传漏洞 咨询:https://github.com/daydust/vuln/blob/main/ForestBlog/Arbitrary_File_Upload_Vulnerability.md
사용자
 daylightqc (UID 59735)
제출2023. 12. 12. PM 05:35 (3 연령 ago)
모더레이션2023. 12. 16. AM 09:38 (4 days later)
상태수락
VulDB 항목248247 [saysky ForestBlog 까지 20220630 Image Upload /admin/upload/img filename 권한 상승]
포인트들16

Do you want to use VulDB in your project?

Use the official API to access entries easily!