File Upload to RCE on OTT Platform

The image file upload function doesn’t validate a file extension, Content-type, and the content of a file. An image file, containing PHP code and a file extension set to .php, was uploaded and allowed remote code execution.

Kudos to Akash Solanki

This post was created with our nice and easy submission form. Create your post!

What do you think?

-1 Points
Upvote Downvote

Posted by SH

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

Threat Alert: Log4j Vulnerability Has Been adopted by two Linux

Moonwalk – No Traces After Exploiting Linux 👻🐚