Hi,<\/p>\n
We have recently had a security firm audit our website.
\nOne of the points they raised was with the validation of the file upload on the “Add Event” page.
\nI’ll include what they provided as it’s explains it perfectly.
\nCan you please let me know if this is something that can be looked at?<\/p>\n
Cheers!<\/p>\n
Description<\/strong> Additional Details<\/strong> Recommendation<\/strong>
\nInsufficient File Upload Validation: The application does not perform sufficient validation on uploaded files. Unauthenticated attackers may upload malicious files which may be used to gain access to the application. Additionally, a lack of rate-limiting controls could result in.<\/p>\n
\nThe ‘add event’ functionality allows any unauthenticated users to upload files. There exists a filter for .jpg, .gif and .png image files, however the application was found to accept .php.<jpg\/gif\/png>, and .jpg’s with embedded php code. Although execution of the arbitrary shell files were denied, no validation was performed and they were successfully uploaded and accessible via their storage location on the web server.<\/p>\n
\nRestrict uploaded files to a whitelist of file types and extensions. Cater for pre-extensions such as file.php.jpg. Perform a scan of content uploaded to the file for both malware and HTML code where possible. Configure the storage folders to deny execution rights and prevent direct access to these folders. Consider only allowing the upload\/event creation functionality to authenticated users, and renaming files stored on the server or appending text to them when possible.<\/p>\n","protected":false},"template":"","class_list":["post-1056351","topic","type-topic","status-closed","hentry"],"yoast_head":"\n