
File Inclusion in PHP


Vulnerable Example

The require and require_once functions, alongside include and include_once, are commonly abused in File Inclusion exploits. The only difference between the two families is that the require functions generate a fatal error and halt the running script if the file is not found, whereas the include functions only generate a warning and continue.

As a result, untrusted input that ends up in any of these functions is always a red flag that needs to be audited.

<?php
// The value of the "file" query parameter reaches include_once unchecked,
// so the request decides which file the PHP engine loads and executes.
include_once($_GET['file']);
?>
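The following is an added example, not code from SecureFlag or the original page, showing one way to rewrite the vulnerable snippet so that request data never reaches include_once. The mapping of page names to files, the pages/ directory and the use of the same "file" parameter are assumptions made for the illustration; it relies on str_starts_with, so it assumes PHP 8.0 or later.

```php
<?php
// Added example (not the original page's code): a hardened replacement for
// include_once($_GET['file']). The page names and paths are constructed.

declare(strict_types=1);

// Allowlist: the only values a request may select, each mapped to a fixed path.
// The request parameter is used as a lookup key and never as a filename.
const PAGE_MAP = [
    'home'    => __DIR__ . '/pages/home.php',
    'about'   => __DIR__ . '/pages/about.php',
    'contact' => __DIR__ . '/pages/contact.php',
];

/**
 * Map a request parameter to an allowlisted file path.
 * Returns null for anything not in the map so the caller can refuse the
 * request instead of passing attacker-controlled data to include_once.
 */
function resolve_page(?string $requested): ?string
{
    if ($requested === null || !array_key_exists($requested, PAGE_MAP)) {
        return null;
    }
    return PAGE_MAP[$requested];
}

/**
 * Defence in depth: even for allowlisted entries, confirm the resolved file
 * exists and lives under the expected base directory (catches a mistaken
 * allowlist entry or a symlink pointing outside pages/).
 */
function is_within_base(string $path, string $base): bool
{
    $real     = realpath($path);
    $realBase = realpath($base);
    if ($real === false || $realBase === false) {
        return false;
    }
    return str_starts_with($real, $realBase . DIRECTORY_SEPARATOR);
}

$page = resolve_page($_GET['file'] ?? 'home');

if ($page === null || !is_within_base($page, __DIR__ . '/pages')) {
    http_response_code(404);
    exit('Page not found');
}

// Only a constant taken from PAGE_MAP ever reaches include_once.
include_once $page;
```

When auditing, the check is the same as the one the page describes: trace every argument of include, include_once, require and require_once back to its origin and confirm it is a literal or a value chosen from a fixed set like PAGE_MAP, not something derived from the request. Disabling the allow_url_include directive in php.ini stops remote wrappers from being included but does nothing for local files, so it complements the allowlist rather than replacing it.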

References

MITRE - CWE 98 - Improper Control of Filename for Include/Require Statement in PHP Program

OWASP Top 10 2021 - Broken Access Control