file-access-vuln
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseFile Access Router
File Access Router
这是文件系统、下载接口、上传链路与文件预览处理的分类入口。
This is the category entry for file systems, download APIs, upload links, and file preview processing.
When to Use
When to Use
- 参数、文件名、下载接口或导入流程会影响文件路径
- 目标支持上传、预览、转码、解压、分享、下载或代理文件访问
- 你需要判断当前更偏向路径穿越、LFI,还是上传验证与处理链问题
- Parameters, file names, download endpoints or import processes affect the file path
- The target supports upload, preview, transcoding, decompression, sharing, download or proxy file access
- You need to determine whether the current problem is more inclined to path traversal, LFI, or upload verification and processing chain issues
Skill Map
Skill Map
- Path Traversal LFI: 路径穿越、文件读取、wrapper、包含链
- Upload Insecure Files: 上传校验、存储路径、处理链、覆盖、预览与分享边界
- Path Traversal LFI: path traversal, file reading, wrapper, inclusion chain
- Upload Insecure Files: upload verification, storage path, processing chain, overwriting, preview and sharing boundaries
Recommended Flow
Recommended Flow
- 先看入口是路径参数、下载接口还是上传流程
- 再看问题出现在 accept、store、process、serve 哪一段
- 小样本路径链和上传绕过样本已经并入主专题 skill,不再单独走 payload 入口
- First check whether the entry is a path parameter, download endpoint or upload process
- Then check which segment the problem occurs in: accept, store, process, or serve
- Small sample path chains and upload bypass samples have been merged into the main topic skill, and no longer use separate payload entries
Related Categories
Related Categories
- injection-checking
- business-logic-vuln
- injection-checking
- business-logic-vuln