ShopXp CMS upload vulnerability get Webshell-vulnerability warning-the black bar safety net

First, you must know the Administrator's directory, because upload only the background. In upLoadbm. asp file, the first did not Check a visitor's identity. So you can directly access The code is as follows: % uppath=request"a"&"/" 'file upload path filelx=request"b" 'file upload type 1-jpg...