Chapter 8

File Upload Vulnerability

File upload is a common feature in Internet applications. How does it become a loophole? Under what conditions does it become a loophole? This chapter will discuss the answers to these questions.

8.1 File Upload Vulnerability Overview

When there is a file upload vulnerability, users can upload an executable script file to gain privileges to issue commands on the server side. This type of attack is the most direct and effective, and sometimes a little technical skill is required.

Most websites have the file upload function, which we often use to upload a custom image, share a video or photo, attach files in forum posts, attach files in e-mails, and so on.

File upload may sound simple, but the concern is how ...

Get Web Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Web Security by Hanqing Wu, Liz Zhao

File Upload Vulnerability

8.1 File Upload Vulnerability Overview

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly