KCFinder 2.2 file upload vulnerability-vulnerability warning-the black bar safety net

2010-10-18T00:00:00
ID MYHACK58:62201028130
Type myhack58
Reporter 佚名
Modified 2010-10-18T00:00:00

Description

KCFinder 2. X upload page is not strictly filtered, resulting in a file upload vulnerability.

  1. Go to target link

<http://localhost/KCFinder/browse.php>

  1. upload your shell as [shell.php.jpg]

Note: only applicable to the linux system resolve the vulnerability.