IMPORTANT POINTS IN WEB SECURITY
1. Remote File Inclusion (RFI)
Remote File Inclusion (RFI) is the most frequent type of vulnerability found on websites. It allows an attacker to include a file, typically a remote one, through a script on the web server. The vulnerability occurs because user input is used without proper validation. The result can be as minimal as outputting the contents of a file, but depending on the severity it can lead to, to list a few:
* Code execution on the web server
* Code execution on the client side, such as JavaScript, which can lead to other attacks such as cross-site scripting (XSS)
* Denial of Service (DoS)
* Data Theft / Manipulation
In PHP, the main cause is the use of unvalidated external variables such as $_GET, $_POST and $_COOKIE with filesystem functions, most notably the include and require statements. Most of these vulnerabilities can be attributed to novice programmers who are not familiar with all the capabilities of the PHP programming language. PHP has the allow_url_fopen directive; when it is enabled, filesystem functions can take a URL, which lets them retrieve data from a remote location. An attacker changes the variable passed to one of these functions so that it includes malicious code from a remote resource. To prevent this, all user input must be validated before use.
2. Local File Inclusion (LFI)
This method exploits a weakness in PHP scripts that call include(), include_once(), require() or require_once() with a variable that was not properly declared.
With LFI, an attacker can include files located on the server in question.
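The validation that sections 1 and 2 call for, as an added example (not code from the original post): the page parameter is matched against a fixed allowlist, so neither a remote URL nor a local path can reach include. The PAGES map, PAGE_DIR and resolve_page() are hypothetical names, the sample inputs are constructed, and PHP 8.0 or later is assumed.

```php
<?php
declare(strict_types=1);

// Constructed allowlist: the only page keys this hypothetical site serves,
// mapped to fixed file names. User input never becomes part of a path.
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

// Hypothetical directory that holds the includable templates.
const PAGE_DIR = __DIR__ . '/pages';

/**
 * Map an untrusted page parameter to a file that is safe to include.
 * Returns null for anything that is not an exact allowlist key.
 */
function resolve_page(mixed $requested): ?string
{
    // ?page[]=x arrives as an array; only plain strings are accepted.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    return PAGE_DIR . '/' . PAGES[$requested];
}

// Vulnerable pattern described in the text, kept as a comment only:
//   include $_GET['page'];   // the request value chooses the file

// Constructed sample inputs showing what the resolver accepts and rejects.
$samples = [
    'about',                          // allowlisted key
    'http://example.invalid/x.txt',   // remote URL (RFI case)
    '../secret',                      // local path (LFI case)
    ['about'],                        // array instead of string
];
foreach ($samples as $input) {
    $path = resolve_page($input);
    printf("%-34s => %s\n", json_encode($input, JSON_UNESCAPED_SLASHES), $path ?? 'rejected');
}

// Hypothetical use in a front controller:
//   $file = resolve_page($_GET['page'] ?? 'home');
//   if ($file === null) { http_response_code(404); exit; }
//   include $file;
```

Only the first sample resolves to a path; the other three are rejected before any filesystem function sees them.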
3. SQL injection
SQL injection is a code injection technique that exploits a security flaw occurring in the database layer of an application. The vulnerability is present when user input is not properly filtered for string literal escape characters embedded in SQL statements, or when user input is not strongly typed and is thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.
4. Cross Site Scripting (XSS)
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications, which allows a malicious attacker to inject a client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same-origin policy. Cross-site scripting carried out on websites accounted for about 80% of all security vulnerabilities documented by Symantec in 2007. The impact ranges from a minor annoyance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site owner.
Cross-site scripting holes are weaknesses in web applications that allow attackers to bypass the client-side security mechanisms normally imposed on web content by modern browsers. By finding ways of injecting malicious script into a web page, an attacker can gain elevated access rights to sensitive page content, session cookies, and other information that the browser manages on the user's behalf. Cross-site scripting attacks are therefore a special case of code injection.
The expression "cross-site scripting" originally referred to the act of loading the attacked, third-party web application from an unrelated attack site, in a way that executes a JavaScript fragment composed by the attacker in the security context of the targeted domain (a reflected or non-persistent XSS vulnerability). This definition has gradually expanded to include other modes of code injection, including persistent and non-JavaScript vectors (including Java, ActiveX, VBScript, Flash, or even pure HTML), causing confusion for newcomers to the field of information security.
hans