-
Notifications
You must be signed in to change notification settings - Fork 94
Expand file tree
/
Copy pathBappDescription.html
More file actions
11 lines (10 loc) · 877 Bytes
/
BappDescription.html
File metadata and controls
11 lines (10 loc) · 877 Bytes
1
2
3
4
5
6
7
8
9
10
<p>This extension provides a customizable payload generator, suitable for
detecting a variety of file path vulnerabilities in file upload and download
functionality:</p>
<ul>
<li>File upload vulnerable to path traversal with the upload directory located inside the document root.</li>
<li>File upload vulnerable to path traversal with the upload directory outside the document root.</li>
<li>File upload not vulnerable to path traversal, but having the upload directory is inside of the document root, with no direct links to the uploaded file exposed by the application.</li>
<li>Local file inclusion/arbitrary file read vulnerable to path traversal with non-recurrent filters involved.</li>
</ul>
<p>More information, including the code and usage examples can be found at <a href="http://github.com/ewilded/psychoPATH">http://github.com/ewilded/psychoPATH</a></p>