en

From Encyclopedia of Scientonomy
Jump to navigation Jump to search

<languages/> {{ Template:TNTN |problem=Vulnerable to code injection attacks, because it passes user input directly to executable statements, such as exec(), passthru() or include(). This may lead to arbitrary code being run on your server, among other things. |solution=Strictly validate user input and/or apply escaping to all characters that have a special meaning in executable statements. |signed= |nocat=1 }}

Description
Adds an alert box describing a code injection vulnerability in including Extension page. Also adds including page to Category:Extensions with arbitrary execution vulnerabilities
Example
{{TNT|Execution alert|~~~~}}

[[Category:Alert templatesTemplate:Translation|Execution alert/en]] [[Category:Categorizing templatesTemplate:Translation|Execution alert/en]] [[Category:Extension templatesTemplate:Translation|Execution alert/en]]

Retrieved from "https://www.scientowiki.com/index.php?title=Template:Execution_alert/en&oldid=2020"