New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

The SecOps Group CAP Exam - Topic 10 Question 96 Discussion

Actual exam question for The SecOps Group's CAP exam
Question #: 96
Topic #: 10
[All CAP Questions]

In the screenshot below, an attacker is attempting to exploit which vulnerability?

POST /upload.php HTTP/1.1

Host: example.com

Cookie: session=xyz123;JSESSIONID=abc123

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) rv:107.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW

Content-Length: 12345

Connection: keep-alive

Content-Disposition: form-data; name="avatar"; filename="malicious.php"

Content-Type: image/jpeg

phpinfo();

?>

Show Suggested Answer Hide Answer
Suggested Answer: C

The screenshot shows an HTTP POST request to /upload.php with a multipart/form-data payload, where the attacker uploads a file named malicious.php disguised as an image/jpeg but containing PHP code (<?php phpinfo(); ?>). This indicates an attempt to exploit a File Upload Vulnerability. Such vulnerabilities occur when an application allows users to upload files without proper validation or sanitization, enabling attackers to upload malicious scripts (e.g., PHP) that can be executed on the server. In this case, if the server executes the uploaded malicious.php, it could expose server information via phpinfo() or perform other malicious actions.

Option A ('HTTP Desync Attack') involves manipulating HTTP request pipelines, which is not relevant here as the request appears standard. Option B ('File Path Traversal Attack') involves accessing unauthorized files using ../, which is not evident in this request. Option D ('Server-Side Request Forgery') involves tricking the server into making unintended requests, which does not apply to file uploads. Thus, C is the correct answer, aligning with the CAP syllabus under 'File Handling Security' and 'OWASP Top 10 (A05:2021 - Security Misconfiguration).'


by Staci at Jul 03, 2025, 11:15 AM

Limited Time Offer

25%

Off

Get Premium CAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Makeda
2 months ago
I’m surprised they’d try to upload a PHP file as an image. What were they thinking?
upvoted 0 times
...
Yvonne
2 months ago
Definitely a file upload issue, no doubt about it!
upvoted 0 times
...
Jackie
2 months ago
Wait, are we sure it's not a Path Traversal Attack?
upvoted 0 times
...
Pamella
3 months ago
Totally agree, that filename is a red flag!
upvoted 0 times
...
Albert
3 months ago
Looks like a File Upload Vulnerability to me.
upvoted 0 times
...
Truman
3 months ago
I’m confused because I thought HTTP desync attacks were more about manipulating headers. This seems more straightforward with the file upload aspect.
upvoted 0 times
...
Blythe
3 months ago
The Content-Disposition header looks suspicious, and I recall that file upload vulnerabilities often allow attackers to execute code. So, I lean towards option C.
upvoted 0 times
...
Rodrigo
4 months ago
I'm not entirely sure, but it seems like it could also be a path traversal attack? I remember something about that from our practice questions.
upvoted 0 times
...
Annabelle
4 months ago
I think this might be related to a file upload vulnerability since the request is trying to upload a PHP file as an image.
upvoted 0 times
...
Marnie
4 months ago
This looks like a straightforward file upload vulnerability to me. The attacker is trying to upload a malicious PHP file, so I'm going with option C. I feel pretty confident about this one.
upvoted 0 times
...
Jina
4 months ago
I'm a bit confused by all the different headers and parameters in this request. Could it be a more advanced attack like HTTP desync or path traversal? I'll need to review my notes on these types of vulnerabilities before answering.
upvoted 0 times
...
Lorriane
4 months ago
Ah, I see what's going on here. The attacker is trying to upload a malicious file, so the answer is definitely C - File Upload Vulnerability. Easy peasy!
upvoted 0 times
...
Mollie
4 months ago
Hmm, I'm not sure about this one. The request has a lot of headers and parameters, so it could be a more complex attack like HTTP desync or SSRF. I'll need to think this through carefully.
upvoted 0 times
...
Natalya
5 months ago
This looks like a classic file upload vulnerability. The attacker is trying to upload a malicious PHP file, so I'll go with option C.
upvoted 0 times
...
Sharee
7 months ago
Hmm, let me think... A file upload vulnerability, for sure. The attacker is trying to sneak in a PHP script and get the server to run it. Classic move, but not gonna work on my watch!
upvoted 0 times
...
Franklyn
7 months ago
I believe it could also be a Server-Side Request Forgery, as the request is trying to access internal resources.
upvoted 0 times
...
Celia
7 months ago
I agree with Shantell, the payload in the request indicates a file upload attempt.
upvoted 0 times
...
Geoffrey
7 months ago
I'd say this is a pretty straightforward file upload vulnerability. The attacker is trying to upload a PHP script and get the server to execute it. Nice try, but not today, buddy!
upvoted 0 times
Iola
5 months ago
C) File Upload Vulnerability
upvoted 0 times
...
Mirta
5 months ago
B) File Path Traversal Attack
upvoted 0 times
...
Sheridan
7 months ago
A) HTTP Desync Attack
upvoted 0 times
...
...
Rodolfo
7 months ago
Haha, the attacker is trying to upload a 'malicious.php' file? How subtle. It's obviously a file upload vulnerability, no doubt about it.
upvoted 0 times
Iesha
5 months ago
It's a common tactic to upload malicious files through vulnerabilities like this.
upvoted 0 times
...
Lacey
6 months ago
Yes, that's right. The attacker is trying to exploit a file upload vulnerability.
upvoted 0 times
...
...
Shantell
7 months ago
I think the attacker is attempting a File Upload Vulnerability.
upvoted 0 times
...
Hershel
7 months ago
This looks like a classic file upload vulnerability to me. The attacker is trying to upload a malicious PHP file and execute it on the server. Definitely option C.
upvoted 0 times
Elouise
6 months ago
Yes, it's definitely a file upload vulnerability. The attacker is attempting to execute the PHP code on the server.
upvoted 0 times
...
Jackie
6 months ago
I agree, the attacker is trying to upload a malicious PHP file through the file upload vulnerability.
upvoted 0 times
...
...

Save Cancel