Local File Inclusion

URI: https://gptkb.org/entity/Local_File_Inclusion

GPTKB entity

Predicate	Object
gptkbp:instanceOf	gptkb:Web_Vulnerability
gptkbp:abbreviation	gptkb:LFI
gptkbp:affects	Web Applications
gptkbp:category	gptkb:OWASP_Top_10 Injection Vulnerability
gptkbp:cause	Code Execution Directory Traversal Information Disclosure
gptkbp:detects	gptkb:Dynamic_Application_Security_Testing Manual Penetration Testing Static Code Analysis
gptkbp:examplePayload	../../etc/passwd ..\..\windows\win.ini
gptkbp:exploits	Manipulating File Paths
gptkbp:firstDescribed	2000s
gptkbp:foundIn	gptkb:Java gptkb:Python gptkb:Node.js gptkb:ASP.NET PHP
gptkbp:mitigatedBy	Input Validation Disabling Unnecessary Functions Whitelisting File Paths
gptkbp:relatedTo	gptkb:Remote_File_Inclusion
gptkbp:riskFactor	High
gptkbp:bfsParent	gptkb:LFI
gptkbp:bfsLayer	6
http://www.w3.org/2000/01/rdf-schema#label	Local File Inclusion