ofile.SaveToFile Server.mappath(FileName) '保存文件
set MyFile = server.CreateObject("Scripting.FileSystemObject")
set MyText = MyFile.OpenTextFile(Server.mappath(filename), 1) '读取文本文件
sTextAll = lcase(MyText.ReadAll)
MyText.close
set MyFile = nothing
sStr=".getfolder|.createfolder|.deletefolder|.createdirectory|.deletedirectory|saveas|wscript.shell|script.encode|server.|.createobject|execute|activexobject"
sNoString = split(sStr,"|")
for i=0 to ubound(sNoString)
if instr(sTextAll,sNoString(i)) then
set filedel = server.CreateObject("Scripting.FileSystemObject")
filedel.deletefile Server.mappath(filename)
set filedel = nothing
Response.Write("<script>alert('您上传的文件有问题,上传失败!');history.back();</script>")
Response.End
end if
next
ewebeditor漏洞
最新推荐文章于 2023-10-18 14:57:35 发布