Upload of Dangerous File Types
Upload of Dangerous File Types
Overview
Dangerous file upload allows executable scripts or active content to be stored and later executed.
Impact
Validate extensions and MIME types, inspect file content, rename files, and store uploads outside the web root.
Countermeasures
Run malware scanning and enforce size, count, and permission limits.