File upload vulnerability: users can upload files with any extension
The vulnerability is in the file user/swfupload.asp.
The code is as follows:
If UpFileObj.Form("NoReName") = "1" Then ' do not rename
    Dim PhysicalPath, FsoObj : Set FsoObj = KS.InitialObject(KS.Setting(99))
    PhysicalPath = Server.MapPath(Replace(TempFileStr, "|", ""))
    ' New path = directory part of the temporary path + FileTitles
    TempFileStr = Mid(TempFileStr, 1, InStrRev(TempFileStr, "/")) & FileTitles
    If FsoObj.FileExists(PhysicalPath) = True Then
        FsoObj.MoveFile PhysicalPath, Server.MapPath(TempFileStr)
    End If
End If
After logging in as a member, manually constructing a NoReName parameter makes it possible to upload a file with a custom file name.
To bypass the dangerous-code check, the <!--#include file=""--> form can be used to include an image; the file containing the dangerous code can be uploaded using remote download or by modifying the LOGO file at /user/User_Blog.asp?Action=BlogEdit (which does not check for dangerous code).
Fix:
Filter.
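One way to implement that filtering for the NoReName branch, as an added example (not the CMS's own code or a vendor patch): validate the requested name before MoveFile runs. It assumes FileTitles holds the client-supplied name; IsSafeUploadName and the ALLOWED_EXTS allowlist are hypothetical names and values introduced here.

```vbscript
' Added example. The allowlist below is an assumption; adjust it to the site.
Const ALLOWED_EXTS = "jpg|jpeg|gif|png|bmp"

' Returns True only for a bare file name with exactly one allowlisted extension.
Function IsSafeUploadName(ByVal fileName)
    Dim i, code, dotPos, ext, allowed
    IsSafeUploadName = False
    fileName = CStr(fileName & "")          ' Null or Empty becomes ""
    If Len(fileName) = 0 Or Len(fileName) > 100 Then Exit Function

    ' Character allowlist: letters, digits, "_", "-" and ".".
    ' This rejects "/", "\", ":", ";", "%", spaces and control characters.
    For i = 1 To Len(fileName)
        code = AscW(Mid(fileName, i, 1))
        If Not ((code >= 48 And code <= 57) Or (code >= 65 And code <= 90) Or _
                (code >= 97 And code <= 122) Or code = 95 Or code = 45 Or code = 46) Then
            Exit Function
        End If
    Next

    ' Exactly one dot, neither first nor last, so double extensions,
    ' dot-files and trailing dots are refused.
    dotPos = InStr(fileName, ".")
    If dotPos <= 1 Or dotPos = Len(fileName) Then Exit Function
    If dotPos <> InStrRev(fileName, ".") Then Exit Function

    ' Case-insensitive comparison of the extension against the allowlist.
    ext = LCase(Mid(fileName, dotPos + 1))
    For Each allowed In Split(ALLOWED_EXTS, "|")
        If ext = allowed Then
            IsSafeUploadName = True
            Exit Function
        End If
    Next
End Function

' Use in the branch shown above: rename only when the name passes the check,
' otherwise the upload keeps its server-generated name.
'   If UpFileObj.Form("NoReName") = "1" And IsSafeUploadName(FileTitles) Then
'       ... existing MapPath / FileExists / MoveFile logic ...
'   End If
```

This checks the file name only; the missing dangerous-code check on the LOGO upload noted above is a separate gap that needs its own content filtering.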