-
9
posts
Member since:
Aug 2009
Posted 10 Apr 2010
Link to this post
If you're using the upload component, please make sure that the folder you use for uploading (if it's underneath your application) does not have execute or execute script privileges. Otherwise, a user can upload an aspx file and execute it as part of your app.
-
-
9
posts
Member since:
Aug 2009
Posted 10 Apr 2010
Link to this post
BTW this isn't a risk with only the Telerik upload component but it should be considered whenever you accept uploads into your software.
-