arbitrary file upload

Users can upload files to their own designated directory, which will cause security problems
![image](https://user-images.githubusercontent.com/38176360/80298714-cdd5cc00-87c1-11ea-8e1c-be586d65c00a.png)

Uploading to these files in Linux will cause RCE：

~/.ssh/authorized_keys
/etc/cron.d/*
/var/spool/cron/*
/etc/crontab

POC:
![image](https://user-images.githubusercontent.com/38176360/80298748-070e3c00-87c2-11ea-9379-2ed1826ab526.png)

file in /etc
![image](https://user-images.githubusercontent.com/38176360/80298762-2f963600-87c2-11ea-89e4-b7b4101f6fff.png)




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

arbitrary file upload #1

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

arbitrary file upload #1

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions