File Inclusion Attacks

URI: https://gptkb.org/entity/File_Inclusion_Attacks

GPTKB entity

Predicate	Object
gptkbp:instanceOf	Cybersecurity Vulnerability
gptkbp:affects	Web Applications
gptkbp:cause	gptkb:Privilege_Escalation Remote Code Execution Information Disclosure
gptkbp:commonIn	PHP Applications
gptkbp:detects	gptkb:Dynamic_Application_Security_Testing Static Code Analysis
gptkbp:example	Including /etc/passwd in Unix systems Including http://evil.com/shell.txt
gptkbp:exploits	Improper Input Validation
gptkbp:firstDescribed	Early 2000s
https://www.w3.org/2000/01/rdf-schema#label	File Inclusion Attacks
gptkbp:mitigatedBy	Whitelisting File Paths Disabling Remote File Access Input Sanitization
gptkbp:relatedTo	Command Injection Directory Traversal
gptkbp:riskFactor	High
gptkbp:type	gptkb:Local_File_Inclusion gptkb:Remote_File_Inclusion
gptkbp:bfsParent	gptkb:fire
gptkbp:bfsLayer	4