Introduction

Programming languages as PHP, allow the insertion and interpretation of external files into the one that's being processed.
If badly used, this can lead to different security breaches. Among them you can find Local File Inclusion(LFI).

A LFI is a programming error, caused by the wrong use of parameters to form the filename to include. This allows a user
to manipulate the string in order to include the file he wants.

Example:

<?php 
include('./' . $_GET['page'] . '.php');
?>

PHP run as CGI in Linux environment

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License

Other interesting sites

Biblioteca Digital Curt Nimuendajú

línguas e culturas indígenas sul-americanas

REACHA

'reaching out...touching lives'

Reactive Framework (Rx) Wiki

后室沙盒Mini

更棒的后室沙盒

San_SS!