Let us have a look at traversal initializing variables. Some of the common codes that release variables with traversal may lead to variables being overwritten. For example $chs = ''; if($_PO... Read more
The extract() function can import variables from array into the current symbol table, and its function is defined as follows: int extract ( array $var_array [, int $extract_type [, string $p... Read more
Let us have a look at global variable coverage. If the variable is not initialized and can be controlled by the user, then it may lead to security problems. In PHP, this situation is particu... Read more
In this article, we will take a look at local file inclusion. The LFI vulnerability also allows to execute PHP code, depending on certain conditions. RFI vulnerability allows to execu... Read more
In this article, we will take a look at remote file inclusion. If the option to execute “allow_url_include” is present in PHP configuration, then the include/require function can load a remo... Read more
Recent Comments