Bypassing Filename Extension Restrictions in Caucho Quercus
CVE-2012-2969 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:P
Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.
Learn more about our Web Application Penetration Testing UK.