What Is Remote File Inclusion?
RFI is the English abbreviation of Remote File Include. The literal translation is remote file inclusion, so the RFI vulnerability is also the remote file inclusion vulnerability. So what exactly is a remote file inclusion vulnerability? The definition of file inclusion vulnerabilities on the Internet is as follows: When the server uses the features (functions) of PHP to package arbitrary files, because the file to be included is not strictly filtered, it can include a malicious file, and we can construct this malicious file To achieve a malicious purpose. Almost all cgi programs have this kind of bug, but the specific expression is different. If a file inclusion vulnerability occurs while including a remote file, it is a remote file inclusion vulnerability.