Kichen CMS is the first brand in e-shop system construction. It specializes in providing customized services and business card systems for open-source CMS projects, online output, online printing, advertisement production, and online image and text ordering system providers.
Its file upload processing is flawed.
Attack demonstration, for reference:
Step 1: Access /user/userreg.asp to register a user.
Step 2: Access /KS_editor/selectupfiles.asp, select the automatic naming option, and upload a file named test.asp;x.jpg.
Step 3: The uploaded file is stored under the current directory. For example, if the current directory is "/upfiles/user/Registered user Name", its address is "http://up.2cto.com/article/200910/20091028004008184.jpg"
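A name such as test.asp;x.jpg passes a check that looks only at the final extension, yet IIS 6 is known to hand names of this form to the ASP handler. The following is an added example of a server-side filename check that closes this gap; it is not code from the product, it is written in Python rather than the CMS's ASP, and the function names, the allowlist and the script-extension list are assumptions.

```python
import re
import secrets

# Assumption: the site only needs image uploads; adjust the allowlist as needed.
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif"}
# Extensions a Windows/IIS host may map to a script handler (illustrative list).
SCRIPT_EXTENSIONS = {"asp", "asa", "cer", "cdx", "aspx", "ashx", "php", "jsp"}
# Characters that change how a name is parsed: ';' (the case on this page),
# ':' (NTFS streams), path separators, NUL and other control characters.
FORBIDDEN_CHARS = re.compile(r'[;:/\\\x00-\x1f]')


def check_upload_name(client_name):
    """Return (ok, reason) for a client-supplied upload filename."""
    if not client_name or FORBIDDEN_CHARS.search(client_name):
        return False, "forbidden character"
    if client_name != client_name.strip(" ."):
        return False, "leading/trailing dot or space"
    parts = client_name.lower().split(".")
    if len(parts) < 2 or parts[-1] not in ALLOWED_EXTENSIONS:
        return False, "extension not allowed"
    # Reject script extensions anywhere in the name, not only at the end.
    if any(p in SCRIPT_EXTENSIONS for p in parts[:-1]):
        return False, "embedded script extension"
    return True, "ok"


def stored_name(client_name):
    """Build the on-disk name: random stem plus the validated extension only."""
    ok, reason = check_upload_name(client_name)
    if not ok:
        raise ValueError(f"rejected upload {client_name!r}: {reason}")
    ext = client_name.rsplit(".", 1)[1].lower()
    # No part of the client-supplied stem reaches the filesystem.
    return f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    # Constructed sample names; the first is the one from the steps above.
    for name in ["test.asp;x.jpg", "photo.jpg", "shell.asp.jpg", "a.jpg.", "x.asp"]:
        print(f"{name!r:20} -> {check_upload_name(name)}")
```

Storing uploads outside any directory where the web server has script execution enabled remains the stronger control; the name check is a second layer.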