High impact. If this is found on your site, treat it as urgent. It can lead to real damage and is worth fixing before anything else.
What it is
Detects the conditions that let an attacker replace your pages: writable HTTP methods (PUT/DELETE), unrestricted file uploads, and exposed content editors / file managers. Never defaces anything.
How attackers abuse it
An unsafe file upload lets an attacker upload a script or malicious file and then run it, often leading to server takeover.
Attacker playbook
1. Find an upload feature and test what file types it accepts.
2. Upload a script disguised as an allowed type.
3. Access the uploaded file's URL to execute it.
How VibeSec detects and confirms it
VibeSec tests for this with an active scan, which runs only on targets you confirm you own or are authorized to test. We detect and confirm it using VibeSec native. When a payload actually proves the issue, it is reported as a confirmed finding rather than a guess.
If this is in your report: how to fix it
- Validate file type by inspecting the content (magic bytes), not just the extension, and store uploads outside the web root so the web server never executes them as code.
- Serve uploads from a separate domain (or a location where script execution is disabled), and randomize stored file names so an attacker cannot predict the URL of what they uploaded.
- Scan uploads for malware and cap their size.
Check your site for this
Run a scan and see whether this affects you, in plain language with copy-paste fixes.
Scan your site for free