Is this PHP code vulnerable to LFI?
I’m currently learning about LFI attacks.
I have coded a simple example and tried to get the content of secrets.txt with an unsafe input ($_GET[‘extension’]).
I have tried the following payloads with no success:
/../../../private/secrets…. Continue reading Is this PHP code vulnerable to LFI?