Course
In this lab, you will explore a file upload vulnerability where the developer has restricted file names from ending with <code>.php</code>. You will learn how to bypass this restriction by renaming the file to an extension like <code>.php3</code>, which the server will still interpret as a PHP file.
Skills covered
Injection
Operating System
CWE-184, CWE-434
Included with PRO
Full course content
2 videos
Common mistakes
Ready to practice?
Get access to this lab and 600+ hands-on exercises with a PRO subscription.
