SSI — Server Side Include Injection

Content:

  • Introduction
  • SSI Injection Vulnerability & Detection
  • SSI Injection Attack Scenario
  • Mitigations of SSI Injection Vulnerability
  • Conclusion
  • Sanitizing the HTML inputs
  • Encoding the user input before rendering the pages
  • Proper configuration of server for dynamic content parsing
  • Avoid having pages with the extension mentioned before


Just another security nerd… CEH MASTER | PENTESTER

Vikas Sharma
