-include-..-2F..-2F..-2F..-2Froot-2F

Classification: Web Security Vulnerability / Exploit Artifact
Status: Malicious Payload Pattern

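// Allowlist of page names that may be included.
$allowed = ['home', 'about', 'contact'];
$page = $_GET['page'] ?? '';
// Strict comparison: only an exact string from the allowlist reaches include.
if (in_array($page, $allowed, true)) {
    include 'pages/' . $page . '.php';
}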

The use of -2F (which looks like the URL encoding %2F but with hyphens, or perhaps a specific application-level encoding) indicates an attempt to bypass security filters. Many Web Application Firewalls (WAFs) look for the literal string ../ and do not match an encoded form of it.
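One way to catch this pattern on the defensive side, as an added example that is not part of the original page: request targets are canonicalized before the traversal check, on the assumption that the hyphen form -2F stands in for %2F. The function names and the log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumption: "-XX" is treated as a stand-in for "%XX" only for the bytes
# that matter to traversal: "/" (2F), "\" (5C) and "." (2E).
HYPHEN_HEX = re.compile(r"-(2f|5c|2e)", re.IGNORECASE)
MAX_ROUNDS = 5  # bound on repeated decoding (double or triple encoding)

def canonicalize(value: str) -> str:
    """Decode percent- and hyphen-hex encodings until the value is stable."""
    for _ in range(MAX_ROUNDS):
        decoded = unquote(HYPHEN_HEX.sub(lambda m: "%" + m.group(1), value))
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def has_traversal(value: str) -> bool:
    """True if any path or query segment of the canonical form is '..'."""
    return ".." in re.split(r"[/?&=]", canonicalize(value))

def flag_requests(log_lines):
    """Return request targets from access-log lines that contain traversal."""
    flagged = []
    for line in log_lines:
        m = re.search(r'"(?:GET|POST|HEAD) (\S+) HTTP', line)
        if m and has_traversal(m.group(1)):
            flagged.append(m.group(1))
    return flagged

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?page=about HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:00:01 +0000] "GET /-include-..-2F..-2F..-2F..-2Froot-2F HTTP/1.1" 404 0',
    '203.0.113.9 - - [01/Jan/2024:10:00:02 +0000] "GET /index.php?page=..%252F..%252Froot HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2024:10:00:03 +0000] "GET /blog/top-2fa-apps HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for target in flag_requests(SAMPLE_LOG):
        print("traversal pattern:", target)
```

The last sample line contains -2f but is not flagged, because the check looks for a `..` segment after decoding rather than for the encoded separator itself.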