File Upload Attacks (Part 1)
ID: f937284b-af1e-53cc-a405-7c24ea6f7274
STIX ID: report--f937284b-af1e-53cc-a405-7c24ea6f7274
Feed Name: YesWeHack Blog | Cybersecurity Insights and Bug Bounty Trends| RSS Feed
This blog post (Part-1 of a series) surveys file upload attack surfaces and testing techniques, covering risks such as remote code execution via uploaded shells, ZipSlip archive extraction, file overwrite and path traversal, large-file denial-of-service, server-side injection via filenames, EXIF/metadata leakage, and ImageMagick (ImageTragick) vulnerabilities and CVEs; it provides example test steps and references for each issue but does not describe a specific incident or active exploitation.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
