What is Server Side Include Injection?

Web Server Security

Database Security

Application Server Security

Vulnerability Archive

Secure Development

Application Firewalls

Main -> Questions

TOPIC'S

Security Services

Submit News

Syndicated News

Hosting generously provided by

www.mv.com

What is Server Side Include Injection?

"SSI Injection (Server-side Include) is a server-side exploit technique that allows an attacker to send code into a web application, which will later be executed locally by the web server. SSI Injection exploits a web application's failure to sanitize user-supplied data before they are inserted into a server-side interpreted HTML file." - The Web Application Security Consortium Threat Classifications Project

Read more about SSI

External Links:
Copyright 2000-2007 Cgisecurity.com.
Providing Web Security news since 2000. Information contained on this website may not be copied without explicit permission.
Best Viewed with Netscape. Website Security Web Application Security solid state drives ebay cd players camera lens deals buy macbook air not work safe software security canon camera deals

Popular Links By Subject

Sponsored Link (Advertise)

Subscribe to CGISecurity.com

The Web Security Mailing List

Re: [WEB SECURITY] Paper draft: Enough With Default Allow in Web Applications!

Re: [WEB SECURITY] Nice little XSS trick

[WEB SECURITY] Security Vacation Guide

[WEB SECURITY] Lateral SQL Injection Revisited - No Special Privs Required

Re: [WEB SECURITY] ActivePerl

[WEB SECURITY] cross site trace

[WEB SECURITY] Web Application Security Professionals Survey (July 2008)

Re: [WEB SECURITY] cross site trace

Re: [WEB SECURITY] cross site trace

Re: [WEB SECURITY] cross site trace

Contact us

Post News, get linkage!