xheditor default upload. php malformed file upload vulnerability-vulnerability warning-the black bar safety net

The file upload code uses a white list mechanism according to the truth that is relatively safe, but the problem appears in the white list mechanism to verify there. Use regular expression matching here gives us a bypass method in a iis parsing the properties to get a shell. Verification code:...