Tag
file-upload-vulnerability
Safeguard articles tagged "file-upload-vulnerability" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
Arbitrary file upload vulnerabilities explained
Arbitrary file upload flaws (CWE-434) have caused breaches from Equifax to GitLab. Here's how they work, the CVEs that prove it, and how to stop them.
Dec 12, 20257 min read
Industry Analysis
Unrestricted File Upload Vulnerabilities
Unrestricted file upload flaws let attackers turn a simple upload form into remote code execution. Here's how real-world CVEs happened, and how to prevent them.
Oct 30, 20257 min read
AppSec
Unrestricted File Upload Vulnerabilities: Risks and Fixes
An unrestricted file upload vulnerability lets an attacker place a working web shell on your server through a form that was only ever supposed to accept profile pictures or PDFs.
Feb 11, 20256 min read