Tag: LFI
Local File Inclusion (LFI)
Scripts that takes filenames as parameters without sanitizing the user input is typically good candidates for LFI vulnerabilities. For […]
Read More →SQL Injection – RCE and LFI Methods
Upload PHP Command Injection Following can be used to get RCE / Command Execution when target is vulnerable to […]
Read More →XXE/XML Attack
Malicious DTD Following snippet can be used to get Local File Inclusion or Remote Command Execution on vulnerable XML. […]
Read More →