It has been reported that through the use of an automated testing toolkit, a team of South Korean academics has discovered 30 vulnerabilities in the file upload mechanisms used by 23 open-source web applications, forums, store builders, and content management systems. When present in real-world web apps, these types of vulnerabilities allow hackers to exploit file upload forms and plant malicious files on a victim’s servers. These files could be used to execute code on a website, weaken existing security settings, or function as backdoors, allowing hackers full control over a server.

Jonathan Knudsen, Senior Security Strategist ,  Synopsys
March 05, 2020
Working in cybersecurity is like being a musician or an athlete: no matter how good you are, you can always get better.
Working in cybersecurity is like being a musician or an athlete: no matter how good you are, you can always get better. Each of the 23 web applications has its own open source teams and its own processes for developing and testing the application. No matter what process each of these open source teams is using, the independent assessment from South Korean academics was able to uncover file uplo ....
