{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,3]],"date-time":"2026-05-03T01:52:12Z","timestamp":1777773132792,"version":"3.51.4"},"reference-count":43,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100012166","name":"National Key R&D Program of China","doi-asserted-by":"publisher","award":["2021YFB3100500"],"award-info":[{"award-number":["2021YFB3100500"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"NSFC","doi-asserted-by":"publisher","award":["62202484"],"award-info":[{"award-number":["62202484"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/tifs.2023.3335885","type":"journal-article","created":{"date-parts":[[2023,11,21]],"date-time":"2023-11-21T19:23:15Z","timestamp":1700594595000},"page":"1251-1266","source":"Crossref","is-referenced-by-count":7,"title":["URadar: Discovering Unrestricted File Upload Vulnerabilities via Adaptive Dynamic Testing"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1532-6658","authenticated-orcid":false,"given":"Yuanchao","family":"Chen","sequence":"first","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8878-510X","authenticated-orcid":false,"given":"Yuwei","family":"Li","sequence":"additional","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5775-5824","authenticated-orcid":false,"given":"Zulie","family":"Pan","sequence":"additional","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8502-9907","authenticated-orcid":false,"given":"Yuliang","family":"Lu","sequence":"additional","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6482-5325","authenticated-orcid":false,"given":"Juxing","family":"Chen","sequence":"additional","affiliation":[{"name":"College of Electronic Engineering, National University of Defense Technology, Hefei, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4268-372X","authenticated-orcid":false,"given":"Shouling","family":"Ji","sequence":"additional","affiliation":[{"name":"College of Computer Science and Technology, Zhejiang University, Hangzhou, China"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"Unrestricted File Upload","year":"2018"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.23126"},{"key":"ref3","volume-title":"Broken Access Control","year":"2021"},{"key":"ref4","volume-title":"About the Owasp Foundation","year":"2023"},{"key":"ref5","article-title":"RIPS-A static source code analyser for vulnerabilities in PHP scripts","volume-title":"Seminar Work (Seminer \u00c7alismasi). Horst G\u00f6rtz Institute Ruhr-University Bochum","author":"Dahse","year":"2010"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23262"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2019.00064"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/3471621.3471859"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE55969.2022.00042"},{"key":"ref10","volume-title":"PHP: PHP 5.6.0 Release Announcement","year":"2021"},{"key":"ref11","volume-title":"PHP: PHP 7.0.0 release announcement","year":"2021"},{"key":"ref12","volume-title":"PHP: PHP 7.2.0 Release Announcement","year":"2021"},{"key":"ref13","volume-title":"Blog Tool, Publishing Platform, and CMS","year":"2021"},{"key":"ref14","volume-title":"Joomla Content Management System (CMS)","year":"2021"},{"issue":"5","key":"ref15","first-page":"9","article-title":"Multipurpose internet mail extensions (MIME) part one: Format of internet message bodies","volume":"47","author":"Rescorla","year":"1996","journal-title":"RFC"},{"key":"ref16","first-page":"377","article-title":"NAVEX: Precise and scalable exploit generation for dynamic web applications","volume-title":"Proc. USENIX Secur. Symp.","author":"Alhuzali"},{"key":"ref17","volume-title":"Usage Statistics and Market Share of Content Management Systems","year":"2021"},{"key":"ref18","volume-title":"PHP File Inclusion | Owasp","year":"2021"},{"key":"ref19","volume-title":"Getsimple CMS","year":"2021"},{"key":"ref20","volume-title":"Finfo-File\u2014Manual","year":"2021"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-SEIP52600.2021.00016"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3442381.3450002"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/3182657"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.22"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-34210-3_3"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.29"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250739"},{"key":"ref28","first-page":"179","article-title":"Static detection of security vulnerabilities in scripting languages","volume-title":"Proc. USENIX Secur. Symp.","volume":"15","author":"Xie"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/2166956.2166964"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/1368088.1368112"},{"key":"ref31","first-page":"989","article-title":"Static detection of second-order vulnerabilities in web applications","volume-title":"Proc. USENIX Secur. Symp.","author":"Dahse"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24550"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046736"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/1390630.1390661"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/1390630.1390662"},{"key":"ref36","first-page":"1","volume-title":"Detecting security vulnerabilities in web applications using dynamic analysis with penetration testing","author":"Petukhov","year":"2008"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-14215-4_7"},{"key":"ref38","article-title":"FLAX: Systematic discovery of client-side validation vulnerabilities in rich web applications","volume-title":"Proc. Netw. Distrib. Syst. Secur. Symp. (NDSS)","author":"Saxena"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00022"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSACW.2012.108"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2931037.2931042"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/2610384.2610403"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417869"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/10319981\/10325536.pdf?arnumber=10325536","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,12]],"date-time":"2024-01-12T01:30:39Z","timestamp":1705023039000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10325536\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":43,"URL":"https:\/\/doi.org\/10.1109\/tifs.2023.3335885","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]}}}