Unrestricted File Upload
Variants:
Direct
Vector Type:
Attack
Relevance:
Generic
Layer:
Application-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Input Validation, Secure File Upload
Invented In:
30/01/1999
Added In:
17/12/2014
Vector Operation Method:
The file upload mechanism can be abused to flood the server with abnormally large or corrupt files, potentially leading to denial of service and data corruption.
