BETA Shoulder is in beta — Findings may sometimes be wrong. Your feedback shapes what we fix next. Share feedback
Shoulder.dev

Understand what every change actually did to your system.
📤

Unrestricted Upload of File with Dangerous Type

🛡️ 3 rules detect this

Unrestricted Upload of File with Dangerous Type

The product allows the upload of files without properly validating the file type, which can lead to execution of malicious code.

When users can upload files without restriction, attackers may upload executable files, scripts, or other dangerous content that can be executed by the server or other users.

Prevalence
High
Frequently exploited
Impact
High
3 high-severity rules
Prevention
Documented
3 fix examples
2 Prevention
2 Prevention

How to fix this vulnerability

Prevention strategies for Unrestricted File Upload based on 3 Shoulder detection rules.

🐹 Go View all Go details →
Unsafe File Upload HIGH

Validate file type, enforce size limits, and use generated filenames for uploads

+15 -3 go 
  func upload(w http.ResponseWriter, r *http.Request) {
-     file, header, _ := r.FormFile("file")
-     defer file.Close()
-     dst, _ := os.Create("/var/www/uploads/" + header.Filename)
+     r.Body = http.MaxBytesReader(w, r.Body, 10*1024*1024)
+     file, header, err := r.FormFile("file")
+     if err != nil {
+         http.Error(w, "Invalid file", 400)
+         return
+     }
+     defer file.Close()
+     ext := filepath.Ext(header.Filename)
+     allowed := map[string]bool{".jpg": true, ".png": true, ".pdf": true}
+     if !allowed[ext] {
+         http.Error(w, "File type not allowed", 400)
+         return
+     }
+     safeFilename := uuid.New().String() + ext
+     dst, _ := os.Create(filepath.Join("/var/uploads", safeFilename))
      defer dst.Close()
      io.Copy(dst, file)
  }
🟨 JavaScript View all JavaScript details →
Unrestricted File Upload HIGH

Add fileFilter to multer to validate uploaded file types

+11 -1 javascript 
- const upload = multer({ dest: 'uploads/' });
+ const upload = multer({
+   dest: 'uploads/',
+   fileFilter: (req, file, cb) => {
+     const allowed = ['image/jpeg', 'image/png', 'image/gif'];
+     if (allowed.includes(file.mimetype)) {
+       cb(null, true);
+     } else {
+       cb(new Error('Invalid file type'), false);
+     }
+   }
+ });
  app.post('/upload', upload.single('file'), handler);
🐍 Python View all Python details →
Insecure File Upload HIGH

Validate file extension, MIME type, and size; use secure_filename() for paths

+14 -7 python 
- from flask import request
- 
- @app.route('/upload', methods=['POST'])
- def upload():
-     file = request.files['file']
-     file.save(f'uploads/{file.filename}')
-     return {'status': 'uploaded'}
+ from flask import request, jsonify
+ from werkzeug.utils import secure_filename
+ 
+ ALLOWED = {'png', 'jpg', 'pdf'}
+ 
+ @app.route('/upload', methods=['POST'])
+ def upload():
+     file = request.files['file']
+     ext = file.filename.rsplit('.', 1)[-1].lower()
+     if ext not in ALLOWED:
+         return jsonify({'error': 'Invalid type'}), 400
+     filename = secure_filename(file.filename)
+     file.save(f'uploads/{filename}')
+     return jsonify({'filename': filename})
4 Warning Signs
4 Warning Signs

What to watch for in code reviews

These patterns indicate potential Unrestricted Upload of File with Dangerous Type vulnerabilities. Look for these during code reviews and security audits.

🟠
File upload lacks proper validation go-unsafe-file-upload
🟠
Multer middleware at ... lacks fileFilter validation javascript-file-upload-validation
🟠
multer file upload middleware used without proper fileFilter validation javascript-file-upload-validation
🟠
file uploads without proper validation of file type, size, or content python-insecure-file-upload
🔍

Scan your codebase for Unrestricted Upload of File with Dangerous Type

Shoulder CLI finds vulnerable patterns across your entire codebase.

npx shoulder trust Browse all rules