Tema: Problema con sistema de Upload en PHP (Solo funciona en FireFox!!??)
Ver Mensaje Individual
  #18 (permalink)  
Antiguo 13/01/2006, 08:41
califa010
 
Fecha de Ingreso: enero-2006
Ubicación: Buenos Aires, Argentina
Mensajes: 299
Antigüedad: 18 años, 3 meses
Puntos: 5
Por si a alguno le interesa, en este artículo se explica justamente este tema:

http://addict3d.org/index.php?page=v...curity&ID=1075

Copio la conclusión:

Conclusion
In conclusion I really have nothing to say except for I think this is a huge security issue that many php coders overlook when making a file upload. File uploads are used in everything from forum avatars to free web hosts and I am sure many many of these scripts contain this flaw. To protect your scripts from this type of attack there is no way around it but to check the file extension instead of using the mime type. Enjoy.