Remote File Inclusion (RFI) is a variety of vulnerability most often found on webpages, it enables the attacker to include a remote file usually through a script on the webpage. This vulnerability occurs due to the use of user supplied input without proper validation. This will likely lead to something as minimal as outputting the contents of a file, but depending on the severity, it can lead to one of the following:
Code execution on the webpage.
Code execution on the client-side such as JavaScript which can lead to other plans of attack such as cross site scripting (XSS).
Denial of Service (DoS).
Data Theft and/or Manipulation.
PHP Botnets
0 comments:
Post a Comment