Ukraine Office: +38 (063) 50 74 707

USA Office: +1 (212) 203-8264

contact@testmatick.com

Manual Testing

Ensure the highest quality for your software with our manual testing services.

Mobile Testing

Optimize your mobile apps for flawless performance across all devices and platforms with our comprehensive mobile testing services.

Automated Testing

Enhance your software development with our automated testing services, designed to boost efficiency.

Functional Testing

Refine your application’s core functionality with our functional testing services

VIEW ALL SERVICES 

Home » SSI Injection

SSI Injection

This class of attacks allow a hacker to transmit an executable code, which further would be executed on a web server. Vulnerabilities that lead to the possibility of these attacks implementation usually consist in the absence of data verification, supplied by the user before saving them in an interpreted file server. Before HTML page generation, the server can execute scripts (for example, Server-side Includes or SSI). In some cases, the source code is generated based on data supplied by the user. If the hacker sends SSI operators, he obtains a possibility to execute OS commands or insert some prohibited content with the next displaying.

Related Terms