<< Prev Question Next Question >>

Question 26/27

In the screenshot below, an attacker is attempting to exploit which vulnerability?
POST /upload.php HTTP/1.1
Host: example.com
Cookie: session=xyz123;JSESSIONID=abc123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) rv:107.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW Content-Length: 12345 Connection: keep-alive Content-Disposition: form-data; name="avatar"; filename="malicious.php" Content-Type: image/jpeg
<?php
phpinfo();
?>

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (27q)
Question 1: Based on the below HTTP request, which of the following stat...
Question 2: The following request is vulnerable to Cross-Site Request Fo...
Question 3: Which HTTP header is used by the CORS (Cross-origin resource...
Question 4: Which of the following is considered as a safe password?...
Question 5: Based on the screenshot below, which of the following statem...
Question 6: Which of the following Google Dorks can be used for finding ...
Question 7: Which of the following is NOT a symmetric key encryption alg...
Question 8: Based on the below request/response, which of the following ...
Question 9: In the screenshot below, which of the following is incorrect...
Question 10: After purchasing an item on an e-commerce website, a user ca...
Question 11: Determine the primary defense against a SQL injection vulner...
Question 12: Which of the following hashing algorithms is considered to b...
Question 13: After purchasing an item on an e-commerce website, a user ca...
Question 14: A website administrator forgot to renew the TLS certificate ...
Question 15: In the context of NoSQL injection, which of the following is...
Question 16: Salt is a cryptographically secure random string that is add...
Question 17: The DNS entries forwww.ironman.comandwww.hulk.comboth point ...
Question 18: While performing a security audit of a web application, you ...
Question 19: The payload {{7*7}} can be used for determining which of the...
Question 20: Which of the following is NOT an asymmetric key encryption a...
Question 21: In the context of a Dependency Confusion Attack, which of th...
Question 22: A robots.txt file tells the search engine crawlers about the...
Question 23: Which of the following attributes is NOT used to secure the ...
Question 24: Which of the following is correct?...
Question 25: A website administrator forgot to renew the TLS certificate ...
Question 26: In the screenshot below, an attacker is attempting to exploi...
Question 27: Based on the screenshot above, which of the following is the...