Statements (28)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:bfsLayer |
6
|
| gptkbp:bfsParent |
gptkb:CWE-750
|
| gptkbp:example |
Uploading a PHP file that can be executed on the server.
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-434
|
| gptkbp:impact |
Execution of arbitrary code
|
| gptkbp:is_described_as |
The software allows the upload of a file that can be executed or interpreted by the server.
|
| gptkbp:is_protected_by |
Implement file type validation.
Limit file upload size. Rename uploaded files. Store uploaded files outside the web root. Use a whitelist of allowed file types. |
| gptkbp:name |
Unrestricted Upload of File with Dangerous Type
|
| gptkbp:related_to |
gptkb:CWE-118
gptkb:CWE-119 gptkb:CWE-200 gptkb:CWE-22 gptkb:CWE-601 gptkb:CWE-285 gptkb:CWE-306 gptkb:CWE-327 gptkb:CWE-352 gptkb:CWE-73 gptkb:CWE-77 gptkb:CWE-94 gptkb:CWE-89 gptkb:CWE-20 CWE-78 |