http://drops.xmd5.com/static/drops/papers-4544.html
https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet: preg_replace("/.*/e","system('echo /etc/passwd')"); https://www.waitalone.cn/php-code-injection.html http://www.freebuf.com/articles/web/54086.html:图片上传,可以php上传,但是以图片解析,绕过限制 https://www.secpulse.com/archives/40617.html:绕过图片上传校验 eval('$obj=' . $obj . ';'); \x00在c字符串中会截断:http://www.cnblogs.com/cyjaysun/p/4390930.html
转载请注明原文地址: https://ju.6miu.com/read-4381.html
