Threatpost |
eBay Fixes File Upload and Path Disclosure Bugs
Threatpost “The eBay server fails to implement secure header checks on the image files being uploaded on the server. It basically verifies the image extensions. As a result, it is possible to upload a camouflaged malicious file (EXE,PDF,etc.) with image file … |
More: continued here