Unrestricted File Upload

WAF RULE TESTING (UNRESTRICTED FILE UPLOAD VULNERABILITY)

Summary In this blog, we are going to test Unrestricted File upload vulnerability on XVWA application with OWASP CRS && CWAF 1.128 (latest version) Ruleset. Test Scenario 1. Test Unrestricted File Upload Vulnerability with OWASP CRS: OWASP CRS block possible malicious files upload i.e .php files from getting compromised by .php shell, but still we are able to find little flaw in the ...