[ 2019-07-19T19:52:59+08:00 ] 148.70.249.226 /Public/upload/image//..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c/etc/passwd
在看日志,发现这后台有人在搞小动作。
URL 解码后:/Public/upload/image//................................/etc/passwd
至于安全怎么设置还没有想到,上传目录不能777?
文章来源:刘俊涛的博客 欢迎关注公众号、留言、评论,一起学习。
__________________________________________________________________________________
若有帮助到您,欢迎捐赠支持,您的支持是对我坚持最好的肯定(*^_^*)