Shulou(Shulou.com)06/03 Report--

Editor to share with you what are common security vulnerabilities in the operation of web files, I believe most people do not know much about it, so share this article for your reference. I hope you will gain a lot after reading this article. Let's learn about it together.

When we do web development, we often do code walking, and most of the time, we spot-check some core functions, or the logic of vulnerabilities. With the growth of the technical team, the technology of the team members is becoming more and more mature. Common stupid SQL injection vulnerabilities and XSS vulnerabilities. There will be fewer and fewer, but we will also find some emerging hidden loopholes that occasionally appear. These vulnerabilities are more from the problems left by developers, such as the lack of functional design of a function and common modules. In the past, we were able to complete some functional modules, but now the requirement is to complete the module in a safe and correct way. Next, I will share some common functional modules that cause vulnerabilities due to design reasons. Next, let's take a look at the vulnerability of the read file function.

Let's take a look at the following code. The user enters different directories and contains different files.

The code is as follows:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.