Skip to content

There is a file upload vulnerability in lines 36 to 63 of src/main/java/com/cool/core/file/strategy/LocalFileUploadStrategy.java #20

Description

@liyunqiangs

The backed did not filter the types of uploaded files

Image

When adding a user,click on "Upload Profile Picture" and upload the Trojan file that has already had the extension changed to ".jpg".

Image

Use Burp to intercept the request packets and change the file extension from jpg to jsp.

Image

JSP Trojan file upload successful.

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions