Acunetix 7 makes web application security checking easier and more cost effective
featured »
Acunetix 7 makes web application security checking easier and more cost effective
September 1, 2010 – 1:55 pm | 4 Comments

New scanning engine with improved vulnerability detection AND verification makes finding and fixing security issues in web applications easier.
London, 1st September 2010 – Acunetix, a market leader in web application security scanning technology, today announced …

Read the full story »
releases

Acunetix Web Vulnerability Scanner Product Releases

docs & faq

Acunetix technical documentation how to and FAQ

news

Acunetix Company and Web Security news, & Press Releases

events

Acunetix Webinars, Events and Training around the world

web security zone

Everything you need to know about Web Security

Home » whitepapers

Why File Upload Forms are a major security threat

Submitted by Robert Abela on May 27, 2009 – 8:52 pmNo Comment

File upload forms, nowadays can be found allover the internet.  In social network web applications, such as Facebook and Twitter, in blogs, forums, e-banking sites, YouTube and also in corporate support portals, to give the opportunity to the end user to efficiently share files with corporate employees.  Users are allowed to upload images, videos, avatars and many other types of files.

Though, the more functionality provided to the end user, the greater is the risk of having a vulnerable web application and the chance that such functionality will be abused from malicious users, to gain access to a specific website, or to compromise a server is very high.

The following white paper, talks about a number of common security issues and vulnerabilities encountered while auditing file upload forms in several well known web applications.  It also explains how to build secure file upload forms.

You can read this whitepaper from here

Share and Enjoy:
  • Twitter
  • Reddit
  • Digg
  • del.icio.us
  • LinkedIn
  • StumbleUpon
  • Google Bookmarks
  • Technorati

Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.