<html><head><title>AuthenticatedArea</title></head> <? include (“/inc/common.php”); $username = $_REQUEST[‘username’]; if ($username != ““) { echo “Your username is: “ . $_REQUEST [‘username’]; } else { header)(“location: /login.php” } ?

Posted by: Pdfprep Category: CAS-001 Tags: , ,

What of the following vulnerabilities is present in the below source code file named ‘AuthenticatedArea.php’?

<html><head><title>AuthenticatedArea</title></head> <? include (“/inc/common.php”); $username = $_REQUEST[‘username’]; if ($username != ““) { echo “Your username is: “ . $_REQUEST [‘username’]; } else { header)(“location: /login.php” } ?> </html>
A . Header manipulation
B . Account disclosure
C . Unvalidated file inclusion
D . Cross-site scripting

Answer: D

Leave a Reply

Your email address will not be published.