all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Web shells and the dangers of unrestricted file upload

Add to bookmarks
Jan. 26, 2023, 9:27 a.m. |

cylab.be cylab.be

In previous blog posts, we have already illustrated two web application vulnerabilities: brute force login cracking and SQL injection. In this post we illustrate a 3rd vulnerability, unrestricted file upload, and show how it can be exploited using a web shell.

application application vulnerabilities blog blog posts brute cracking exploited file file upload injection login posts shell shells sql sql injection upload vulnerabilities vulnerability web web application web application vulnerabilities web shell

Visit resource

More from cylab.be / cylab.be

Standalone Security Onion, A perfect SIEM solution for small networks 3 days ago | cylab.be
can networks onion perfect +5
Use docker-compose to create a dev environment for Laravel 6, 7 and 8 3 days, 23 hours ago | cylab.be
components compose course database +14
Sending SMS with a USB GSM modem (and Python) 1 week, 2 days ago | cylab.be
communication good gsm guide +8
Solidity: ABI encoding explained 3 weeks, 1 day ago | cylab.be
can contract encoding ethereum +9
Pseudonymisation by random tables 3 weeks, 2 days ago | cylab.be
random tables
Add modules to your micro-Linux 3 weeks, 3 days ago | cylab.be
blog blog post linux micro +2
GitLab : fix "cgroups: cgroup mountpoint does not exist: unknown" 1 month ago | cylab.be
build docker docker image error +5
Benchmark Linux systems with sysbench 1 month, 1 week ago | cylab.be
access benchmark blog blog post +14
Use phpunit to test your PHP project 1 month, 2 weeks ago | cylab.be
blog blog post code php +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

SITEC- Systems Security Administrator- Camp HM Smith

@ Peraton | Camp H.M. Smith, HI, United States
View on infosec-jobs.com

Cyberspace Intelligence Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

General Manager, Cybersecurity, Google Public Sector

@ Google | Virginia, USA; United States
View on infosec-jobs.com

Cyber Security Advisor

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com

Engineering Team Manager – Security Controls

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com
View more jobs