{"type":"rich","blog_title":"demandosigno","provider_name":"Hatena Blog","height":"190","url":"https://www.demandosigno.study/entry/2025/11/03/231413","description":"\u30d6\u30e9\u30c3\u30af\u30ea\u30b9\u30c8\u30fb\u30d0\u30a4\u30d1\u30b9\u306b\u3088\u308b Web shell \u306e\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u300220 of 35 \u30e9\u30dc https://portswigger.net/web-security/learning-paths/file-upload-vulnerabilities/insufficient-blacklisting-of-dangerous-file-types/file-upload/lab-file-upload-web-shell-upload-via-extension-blacklist-bypass \u30c7\u30d5\u30a9\u30eb\u30c8\u30ea\u30af\u30a8\u30b9\u30c8 POST /my-account/avatar HTTP/2 Host: \u2026","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/d/demandosigno/20251103/20251103222550.png","version":"1.0","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fwww.demandosigno.study%2Fentry%2F2025%2F11%2F03%2F231413\" title=\"Web Security Academy: File upload vulnerabilities - demandosigno\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","categories":["Web Security Academy","PortSwigger","\u30d5\u30a1\u30a4\u30eb\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u306e\u4e0d\u5099","\u9069\u5207\u3067\u306a\u3044\u30a2\u30c3\u30d7\u30ed\u30fc\u30c8\u30d5\u30a1\u30a4\u30eb\u5236\u9650",".htaccess"],"author_url":"https://blog.hatena.ne.jp/demandosigno/","published":"2025-11-03 23:14:13","width":"100%","blog_url":"https://www.demandosigno.study/","provider_url":"https://hatena.blog","author_name":"demandosigno","title":"Web Security Academy: File upload vulnerabilities"}