logo

File Upload Attacks (Part 1)

ID: f937284b-af1e-53cc-a405-7c24ea6f7274

STIX ID: report--f937284b-af1e-53cc-a405-7c24ea6f7274

Feed Name: YesWeHack Blog | Cybersecurity Insights and Bug Bounty Trends| RSS Feed

Threat Score
65/100

Date Published: 2021-05-12

Date Updated: 2026-07-04

...
...

This blog post (Part-1 of a series) surveys file upload attack surfaces and testing techniques, covering risks such as remote code execution via uploaded shells, ZipSlip archive extraction, file overwrite and path traversal, large-file denial-of-service, server-side injection via filenames, EXIF/metadata leakage, and ImageMagick (ImageTragick) vulnerabilities and CVEs; it provides example test steps and references for each issue but does not describe a specific incident or active exploitation.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.