Local File Inclusion

URI: https://gptkb.org/entity/Local_File_Inclusion
GPTKB entity
Statements (29)
Predicate Object
gptkbp:instanceOf Web Vulnerability
gptkbp:abbreviation gptkb:LFI
gptkbp:affects Web Applications
gptkbp:category gptkb:OWASP_Top_10
Injection Vulnerability
gptkbp:cause Code Execution
Directory Traversal
Information Disclosure
gptkbp:detects gptkb:Dynamic_Application_Security_Testing
Manual Penetration Testing
Static Code Analysis
gptkbp:examplePayload ../../etc/passwd
..\\..\\windows\\win.ini
gptkbp:exploits Manipulating File Paths
gptkbp:firstDescribed 2000s
gptkbp:foundIn gptkb:Java
gptkb:Python
gptkb:Node.js
gptkb:ASP.NET
PHP
https://www.w3.org/2000/01/rdf-schema#label Local File Inclusion
gptkbp:mitigatedBy Input Validation
Disabling Unnecessary Functions
Whitelisting File Paths
gptkbp:relatedTo gptkb:Remote_File_Inclusion
gptkbp:riskFactor High
gptkbp:bfsParent gptkb:Remote_File_Inclusion
gptkb:File_Inclusion_Attacks
gptkbp:bfsLayer 5