Recent Entries

  • Local File Inclusion (LFI)

      Local File Inclusion Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected. A typical example of a PHP ...
  • PHP Object Injection

    Understanding PHP Object Injection PHP Object Injection is not a very common vulnerability, it may be difficult to exploit but it also may be really dangerous. In order to understand this vulnerability, understanding of basic PHP code is required.   PHP Classes and Objects Classes and objec...