Vulnerability in EPiServer.Forms
Does anyone have a code snippet showing how to upload a file to a folder (Global Files, Documents or such) in the EPiServer File Manager?
I'm currently using CMS 5 R2.
Use ASP FileUpload control and read some tips here:
Yes, Fredrik's blogpost sums it up nicely.
Beware however to not use the FileUpload.FileBytes as mentioned in one of the comments as this will bring in the complete file contents into memory, something that can be disastreous - imagine what happens if someone uploads a 3Gb file.
Instead get the FileContent streaam and read/write in reasonably sized chunks.