file-upload

4 articles
Sort: New Top Best
clear filter
bug-bounty622 facebook479 xss316 google174 microsoft120 rce102 apple72 csrf60 web355 account-takeover53 writeup51 exploit43 sqli41 dos36 ssrf34 cve33 cloudflare32 privilege-escalation29 defi28 malware27 node26 smart-contract-vulnerability25 idor25 subdomain-takeover24 clickjacking23 smart-contract23 ethereum23 access-control21 react21 vulnerability-disclosure21 reverse-engineering20 auth-bypass19 aws19 remote-code-execution18 lfi18 cloud17 docker17 cors17 oauth17 supply-chain17 race-condition17 info-disclosure16 browser14 authentication-bypass14 solidity14 phishing14 denial-of-service11 sql-injection11 delegatecall11 wordpress10
0
Magento – RCE & Local File Read with low privilege admin rights
vulnerability

Two vulnerabilities discovered in Magento allowing remote code execution and local file read with low-privilege admin accounts: the first exploits path traversal in product design layout XML to execute arbitrary PHP code via custom product option file uploads, and the second leverages path traversal in email template CSS directives to read arbitrary files.

magento rce remote-code-execution local-file-read path-traversal privilege-escalation low-privilege-admin product-design email-templating xml-injection custom-options phtml file-upload ecommerce cms vulnerability-disclosure
Magento Adobe Experience Cloud Magento 2.3.0 Magento 2.2.7 Magento 2.1.16 SCRT Team Magento\Framework\View\Element\Template Magento\Backend\Block\Template
blog.scrt.ch · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details
0
ASUS RCE vulnerability on rma.asus-europe.eu
vulnerability

A researcher discovered an RCE vulnerability on ASUS's RMA portal by bypassing front-end file upload restrictions and uploading an ASP webshell to the predictable /uploads directory on Microsoft-IIS 8.5. The vulnerability was disclosed responsibly and eventually patched, though ASUS's response was slow and the researcher reported poor communication from the vendor.

rce remote-code-execution file-upload upload-bypass asp iis microsoft-iis front-end-bypass web-vulnerability vulnerability-disclosure responsible-disclosure
ASUS rma.asus-europe.eu Mustafa Kemal Can Microsoft-IIS 8.5 [email protected]
mustafakemalcan.com · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details
0
RCE starwars
bug-bounty

A bug bounty researcher discovered RCE on an abandoned staging web service via an unauthenticated PUT HTTP method that allowed arbitrary file uploads, enabling PHP web shell deployment and subsequent internal network traversal with privilege escalation through credential reuse and weak security practices.

rce remote-code-execution http-put-method web-shell reverse-shell unauthenticated-access file-upload http-methods internal-network-traversal privilege-escalation network-reconnaissance subdomain-enumeration port-scanning php-webshell credential-reuse ssh-access hash-cracking vpn-certificate staging-environment
nmap ncat netcat PHP Python SSH RDP SMB DNS zone transfer
blog.zsec.uk · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details
0 5/10
File Upload Vulnerabilities: Tricks, Attacks, and How to Harden Your Uploads
tutorial

Educational article covering file upload vulnerability techniques, attack vectors (such as shell.php.jpg bypasses), and defensive hardening strategies to prevent unauthorized file uploads and remote code execution.

file-upload web-vulnerability rce bypass-techniques security-hardening
medium.com · Very Lazy Tech · 11 hours ago · details