Collaborate Disseminate
iDevAffiliate affiliate software provides affiliate program software to start affiliate tracking. It is protected by ioncube which makes it quite hard to audit the code for vulnerability.
It is the point of entry for an atta… Continue reading iDevAffiliate vulnerable to a file upload, how can we limit the damage?
I have setup a small virtual office. How do I prevent my employees from uploading their work files (mostly excel workbooks) to gmail/drive or the gazillion other file sharing sites? Is there a url block list which I can down… Continue reading Looking for Web Filtering Options to prevent employees from stealing work files/data
I posted this question on “Software Recommendations” previously. I think that my security concerns will be better addressed here.
I am searching for a convenient way to securely transfer a single file from a desktop computer… Continue reading securely and conveniently transfer a single file from a desktop to a mobile computer
I posted this question on “Software Recommendations” previously. I think that my security concerns will be better addressed here.
I am searching for a convenient way to securely transfer a single file from a desktop computer… Continue reading securely and conveniently transfer a single file from a desktop to a mobile computer
In a lot of different penetration test I found multiple times the wpsadmin multiple password via directory traversal vulnerabilities (either known one in WebSphere Portal or via custom applications hosted on the same IBM HTTP Server).
Unf… Continue reading Is it possible to upload a Web Shell via Websphere Portal XMLaccess tool?
A colleague of mine has a personal website in which he allows users to upload anything within a certain size,
but before the actual upload he checks to see the file extension:
if ( $type == ‘image/gif’){
$ext = ‘.gif’;
}… Continue reading Does changing an uploaded executable’s file extension to .png render it safe?
I would like to ask a question regarding the classic uploading an image and executing php code exploit on a website.
So I have been trying out this exploit a website I’m supposed to hack (It’s set up for us to try and hack i… Continue reading Exploiting a PHP server with a .jpg file upload
I am looking for a convenient, and particularly a secure way to share files with business contacts in China. My priorities, in this order, are
Secure, non-hackable.
Accessible. I know many sites (YouTube, notably) are not… Continue reading Secure File Sharing with China
Recently, one of my website was hacked by someone who uploaded an image (shell.gif) to my server.
I have put server side validation to check file extension + mime type of the image. However, they are still able to upload shell script usin… Continue reading Prevent shell script inside image file
My Situation:
I am creating a web application with PHP which allows users to scan their files for viruses. It allows the user to upload their files via the html “file” input type or via a URL. I have successfully built the h… Continue reading PHP | Security for allowing user uploads