file-upload-bypass

1 article
sort: new top best
clear filter
bug-bounty432 google350 xss348 microsoft279 facebook245 apple171 exploit158 rce153 malware95 account-takeover94 cve87 csrf82 writeup78 bragging-post78 browser76 privilege-escalation66 react59 authentication-bypass57 cloudflare54 dos53 ssrf51 docker51 node49 aws47 access-control47 smart-contract45 phishing45 oauth45 ethereum43 defi42 supply-chain42 sql-injection41 web341 lfi37 idor34 smart-contract-vulnerability32 clickjacking31 web-application31 wordpress30 race-condition30 reverse-engineering30 info-disclosure29 vulnerability-disclosure29 cloud28 information-disclosure28 burp-suite28 solidity27 web-security27 cors26 responsible-disclosure26
0 8/10
Remote image upload leads to RCE inject malicious code
vulnerability

A remote image upload feature allowing RCE through injecting PHP payloads into GIF images with Netscape Looping Application Extensions, which survive PHP-GD image recreation due to preserved null byte blocks. The attack bypasses file extension validation by renaming uploaded images to .php and exploiting image processing that fails to sanitize injected code in GIF metadata.

remote-file-upload rce php-gd image-injection gif-exploitation jpeg-injection file-upload-bypass payload-injection php-execution netscape-looping-extension null-byte-injection
PHP-GD dlegs/php-jpeg-injector fakhrizulkifli/Defeating-PHP-GD-imagecreatefromjpeg ABOUL3LA asdqwe3 Imagemagick
medium.com · devanshbatham/Awesome-Bugbounty-Writeups · 18 hours ago · details