Microsoft IIS is parsing the file name“x. asp;x.jpg/x.php;x.jpg”vulnerability
When the file is named x. asp;x. jpg, Microsoft IIS will automatically to the asp format to be parsed. 而 当 文件 名为 x.php;x. jpg, Microsoft IIS will automatically in php format to be parsed.
So we just upload after x. asp;x. jpg such a form, you can perform our horses, tested, x.php;x. jpg is also possible to perform the