table of Contents
2. File upload point (reproduction in actual combat)
statement:
Only used for penetration testing, white hat vulnerability mining. Please do not use it for illegal purposes. Illegal use will cause the consequences at your own risk.
1 Introduction
I accidentally saw an article on F12sec, so I have today's digging process. A certain white hat master found a general vulnerability in a website building system, which belongs to 0day. But this 0day vulnerability is speechless enough... Aspx executable files can be uploaded directly without any restrictions, and the vulnerability point is on the registration page. This loophole