From the course: Securing ASP.NET Core Apps: Advanced Techniques for Web Application Security
Join today to access over 25,500 courses taught by industry experts.
File upload attack - ASP.NET Core Tutorial
From the course: Securing ASP.NET Core Apps: Advanced Techniques for Web Application Security
File upload attack
- [Instructor] When building apps, you might require users to upload a file. For example, a profile picture, a CV, et cetera. But what are the risks of allowing users to upload a file in your apps? When allowing users to upload files to your site, there are four main risks. You could have unauthorized upload, which means that any user can just come to your app and upload stuff. The second one is that users, let's say, are signed in but they are still allowed to upload malicious content. And if the file contains an exploit, a malware, a malicious script, or macro, and this file could be used to gain control of the server or infect the users' machines. The third one is that your files could be overwritten, so existing files could be overwritten. Let's say if a file is uploaded with the same name and the extension as an existing file on the server, this could overwrite the existing file and imagine that file being a…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.