API Security Blog

Arbitrary File Upload

zoujingli/thinkadmin is vulnerable to Arbitrary File Upload. The vulnerability exists because the library does not properly validate files uploaded via `api/upload.php`, which allows an attacker to bypass the file upload restrictions and execute malicious code on the system.
