File Upload

Description

It was found that there is an option to upload files to the server.

Business Impact

An attacker can use this vulnerability in the file upload mechanism to upload malicious files and webshells or trojans to the server.

Recommendation

Make sure that files are accepted only in the formats allowed for them, and that they are validated on the server side by both file extension and file signature.
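One way to implement the server-side extension and signature check, as an added example that is not part of the original finding. The allowlist, the size limit and the function name `validate_upload` are assumptions chosen for illustration.

```python
from __future__ import annotations

import os

# Allowlist (assumed for this example): extension -> accepted leading signatures.
ALLOWED = {
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
    ".gif": [b"GIF87a", b"GIF89a"],
    ".pdf": [b"%PDF-"],
}
MAX_BYTES = 5 * 1024 * 1024  # assumed upload size limit


def validate_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for an uploaded file, checked server-side."""
    # Keep only the final path component; the client controls the submitted name.
    name = os.path.basename(filename.replace("\\", "/"))
    if not name or "\x00" in name:
        return False, "invalid file name"
    # Only the last extension counts, so "a.php.png" is judged as ".png".
    ext = os.path.splitext(name)[1].lower()
    signatures = ALLOWED.get(ext)
    if signatures is None:
        return False, f"extension {ext or '(none)'} not allowed"
    if len(data) > MAX_BYTES:
        return False, "file too large"
    # The content must start with a signature registered for that extension.
    if not any(data.startswith(sig) for sig in signatures):
        return False, "content does not match extension"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample uploads (not real files).
    samples = [
        ("photo.PNG", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
        ("report.pdf", b"%PDF-1.7\n"),
        ("page.php", b"<?php ?>"),
        ("avatar.php.png", b"<?php ?>"),
        (".htaccess", b"AddType"),
    ]
    for fname, body in samples:
        print(fname, validate_upload(fname, body))
```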

More Details

In some cases, attackers can use the infected website to store malicious files in order to spread them further, relying on the website's reputation.

Reference

https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
