Protecting Your File Uploads

File uploads represent a easy way for an attacker to inject malicious code into your application. You need to ensure uploaded files are kept at arm’s length until they are fully secured, or else you risk creating an easy route to having your systems compromised.

Risks

Prevalence
Common
Rating prevelance on Rating prevelance on Rating prevelance on
Exploitability
Moderate
Rating exploitability on Rating exploitability on Rating exploitability on
Impact
Harmful
Rating impact on Rating impact on Rating impact on

Sophisticated hackers typically exploit a combination of vulnerabilities when attacking your site – uploading malicious code to a server is step one in the hacker playbook. The next step is finding a way to execute the malicious code.

Even big companies fall foul to this vulnerability, particularly if they are running complex, legacy code bases.