File Inclusion in PHP
Vulnerable Example
The require and require_once functions, alongside include and include_once, are commonly abused in File Inclusion exploits. The only difference between them is that the require functions generate an error and halt the running script if the file is not found, whereas the include functions only generate a warning and carry on.
As a result, untrusted input that ends up in any of these four functions is always a red flag that needs to be audited.
<?php include_once($_GET['file']); ?>
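The snippet above hands a raw query parameter straight to include_once, so the request decides which file (or stream wrapper) gets executed. The following is an added example, not code from the original page, showing the defensive pattern an auditor would want to see instead: the user-controlled value is used only as a key into a fixed allowlist, and the resolved path is additionally checked to sit under the expected directory. The constant PAGES_DIR, the array $allowedPages and the function resolvePage are names invented for this example.

```php
<?php
// Added example (not from the original page): a hardened replacement for
//     include_once($_GET['file']);
// Hypothetical names for this example: PAGES_DIR, $allowedPages, resolvePage().

declare(strict_types=1);

// Directory that holds the includable page fragments (constructed location).
const PAGES_DIR = __DIR__ . '/pages';

// Fixed allowlist: request value -> file name. Only these keys are accepted.
$allowedPages = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

/**
 * Map a user-supplied page identifier to an absolute file path, or return null.
 *
 * The request value is used purely as an array key; it never becomes part of
 * the path string, so "../", "php://", "http://", "data:" or NUL bytes cannot
 * influence what include_once() receives.
 */
function resolvePage(array $allowed, string $requested): ?string
{
    if (!array_key_exists($requested, $allowed)) {
        return null;
    }

    $candidate = PAGES_DIR . DIRECTORY_SEPARATOR . $allowed[$requested];

    // Defence in depth: even with an allowlist, confirm that the resolved path
    // is a real file located inside PAGES_DIR (guards against a mis-edited map).
    $real = realpath($candidate);
    $base = realpath(PAGES_DIR);
    if ($real === false || $base === false) {
        return null;
    }
    if (strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }

    return $real;
}

// filter_input() returns null when the parameter is absent; fall back to 'home'.
$requested = (string) (filter_input(INPUT_GET, 'file') ?? 'home');
$file      = resolvePage($allowedPages, $requested);

if ($file === null) {
    // Log rejected values: a burst of these is a useful detection signal for
    // someone probing the parameter, and the raw value never reaches include().
    error_log('Rejected page request: ' . var_export($requested, true));
    http_response_code(404);
    exit('Page not found');
}

include_once $file;
```

The allowlist is what actually removes the vulnerability; the realpath() check is belt-and-braces against a future edit that puts a traversal sequence into the map itself. Logging the rejected value, rather than silently defaulting to a page, gives the operations side something to alert on when the same parameter is hit with many unexpected values.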
References
MITRE - CWE 98 - Improper Control of Filename for Include/Require Statement in PHP Program