upload-insecure-files

SKILL.md

SKILL: Upload Insecure Files — Validation Bypass, Storage Abuse, and Processing Chains

AI LOAD INSTRUCTION: Expert file upload attack playbook. Use when the target accepts files, imports, avatars, media, documents, or archives and you need the full workflow: validation bypass, storage path abuse, post-upload access, parser exploitation, multi-tenant overwrite, and chaining into XSS, XXE, CMDi, traversal, or business logic impact. For web server parsing vulnerabilities, PUT method exploitation, and specific CVEs (WebLogic, Flink, Tomcat), load the companion SCENARIOS.md.

0. RELATED ROUTING

Extended Scenarios

Also load SCENARIOS.md when you need:

  • IIS parsing vulnerabilities — x.asp/ directory parsing, ; semicolon truncation (shell.asp;.jpg)
  • Nginx parsing misconfiguration — avatar.jpg/.php with cgi.fix_pathinfo=1
  • Apache parsing — multiple extensions, AddHandler, CVE-2017-15715 \n (0x0A) bypass
  • PUT method exploitation — IIS WebDAV PUT+COPY, Tomcat CVE-2017-12615 readonly + .jsp/ bypass
  • WebLogic CVE-2018-2894 arbitrary file upload via Web Service Test Page
  • Apache Flink CVE-2020-17518 file upload with path traversal
  • Upload + parsing vulnerability chain — EXIF PHP code + Nginx /.php path info
  • Full extension bypass reference table (PHP/ASP/JSP alternatives, case variations, null bytes)

Use this file as the deep upload workflow reference. Also load:

Installs: 483
GitHub Stars: 628
First Seen: Apr 8, 2026