Statements (23)
Predicate | Object |
---|---|
gptkbp:instanceOf |
Cybersecurity Vulnerability
|
gptkbp:affects |
Web Applications
|
gptkbp:cause |
gptkb:Privilege_Escalation
Remote Code Execution Information Disclosure |
gptkbp:commonIn |
PHP Applications
|
gptkbp:detects |
gptkb:Dynamic_Application_Security_Testing
Static Code Analysis |
gptkbp:example |
Including /etc/passwd in Unix systems
Including http://evil.com/shell.txt |
gptkbp:exploits |
Improper Input Validation
|
gptkbp:firstDescribed |
Early 2000s
|
https://www.w3.org/2000/01/rdf-schema#label |
File Inclusion Attacks
|
gptkbp:mitigatedBy |
Whitelisting File Paths
Disabling Remote File Access Input Sanitization |
gptkbp:relatedTo |
Command Injection
Directory Traversal |
gptkbp:riskFactor |
High
|
gptkbp:type |
gptkb:Local_File_Inclusion
gptkb:Remote_File_Inclusion |
gptkbp:bfsParent |
gptkb:fire
|
gptkbp:bfsLayer |
4
|