Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more
Back to all learning paths
PRACTITIONER

File upload vulnerabilities

In this learning path, you'll explore how simple file upload functions can become a vector for severe attacks. You'll learn how to bypass common defense mechanisms to upload a web shell, enabling full control over a vulnerable web server.

Contents

Get started: What are file upload vulnerabilities?

0 of 35

GET STARTED


What are file upload vulnerabilities? 0 of 1



What is the impact of file upload vulnerabilities? 0 of 2



How do file upload vulnerabilities arise? 0 of 1



How do web servers handle requests for static files? 0 of 2



Exploiting unrestricted file uploads to deploy a web shell 0 of 2



Exploiting flawed validation of file uploads 0 of 5



Preventing file execution in user-accessible directories 0 of 3



Insufficient blacklisting of dangerous file types 0 of 7



Flawed validation of the file's contents 0 of 3



Exploiting file upload race conditions 0 of 4



Exploiting file upload vulnerabilities without remote code execution 0 of 3



Uploading files using PUT 0 of 1



How to prevent file upload vulnerabilities 0 of 1