It has been reported that through the use of an automated testing toolkit, a team of South Korean academics has discovered 30 vulnerabilities in the file upload mechanisms used by 23 open-source web applications, forums, store builders, and content management systems. When present in real-world web apps, these types of vulnerabilities allow hackers to exploit file upload forms and plant malicious files on a victim’s servers. These files could be used to execute code on a website, weaken existing security settings, or function as backdoors, allowing hackers full control over a server.
Academics Find 30 File Upload Vulnerabilities In 23 Web Apps, CMSes, And Forums
Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics