There is a indirect security vulnerability that can be exposed by this app. This app allows for users to directly share executable files such as .php, .js, .cgi, etc. If a user uploads a PHP file with malicious code, shares it via sharing path, and loads the document, it presents a very easy to access method of executing code on the server. My idea to prevent this is by adding a whitelist/blacklist option to administrators that restrict what file types can be shared via direct link.
There is a indirect security vulnerability that can be exposed by this app. This app allows for users to directly share executable files such as .php, .js, .cgi, etc. If a user uploads a PHP file with malicious code, shares it via sharing path, and loads the document, it presents a very easy to access method of executing code on the server. My idea to prevent this is by adding a whitelist/blacklist option to administrators that restrict what file types can be shared via direct link.