Search
Menu
 
 

RFI - LFI

DDoSPedia An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

Security Research Center

Remote File Inclusion (RFI) is a type of vulnerability most often found on PHP running websites. It allows an attacker to include a remotely hosted file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity can lead to arbitrary code execution.

Local File Inclusion (LFI) is very much like RFI; the only difference is that in LFI the attacker has to upload the malicious script to the target server to be executed locally.

The Threats Are Real And They Have Evolved
Understand The Evolution of Threat Actors In A Post-Pandemic World
Download Series 1 of the 2021 Hacker's Almanac

DDoSPedia Index

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support

Get Social

Connect with experts and join the conversation about Radware technologies.

Radware Blog
Security Research Center

Close

What are you looking for?