Chapter 8
File Upload Vulnerability
File upload is a common feature in Internet applications. How does it become a loophole? Under what conditions does it become a loophole? This chapter will discuss the answers to these questions.
8.1 File Upload Vulnerability Overview
When there is a file upload vulnerability, users can upload an executable script file to gain privileges to issue commands on the server side. This type of attack is the most direct and effective, and sometimes a little technical skill is required.
Most websites have the file upload function, which we often use to upload a custom image, share a video or photo, attach files in forum posts, attach files in e-mails, and so on.
File upload may sound simple, but the concern is how ...
Get Web Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.