Template:Execution alert

From Encyclopedia of Scientonomy
Jump to navigation Jump to search

<languages/> {{ Template:TNTN |problem=<translate> Vulnerable to code injection attacks, because it passes user input directly to executable statements, such as exec(), passthru() or include().</translate> <translate> This may lead to arbitrary code being run on your server, among other things.</translate> |solution=<translate> Strictly validate user input and/or apply escaping to all characters that have a special meaning in executable statements.</translate> |signed= |nocat=1 }}

Description
Adds an alert box describing a code injection vulnerability in including Extension page. Also adds including page to Category:Extensions with arbitrary execution vulnerabilities
Example
{{TNT|Execution alert|~~~~}}

[[Category:Alert templatesTemplate:Translation|Execution alert]] [[Category:Categorizing templatesTemplate:Translation|Execution alert]] [[Category:Extension templatesTemplate:Translation|Execution alert]]

Retrieved from "https://www.scientowiki.com/index.php?title=Template:Execution_alert&oldid=2018"