Upload Vulnerability

Upload is process of transmitting a file from a computer system to other computer systems. Attacker to upload files to insert in accordance with the desired command so that it can remotely victim. This attack is passive as it waits for the victim to take action on a file that is uploaded.

XSS

XSS is a hacking technique that uses a script-injection method with a certain gap in a web page. The gap can sometimes be through the input form, or by modifying the URL parameter. The script that is injected, there are several kinds, can HTML tags, JavaScript, PHP, ASP (as web server), etc.

There are two methods used in using the XSS :