<html><head><title>AuthenticatedArea</title></head> <? include (“/inc/common.php”); $username = $_REQUEST[‘username’]; if ($username != ““) { echo “Your username is: “ . $_REQUEST [‘username’]; } else { header)(“location: /login.php” } ?

Posted by: Pdfprep Category: CAS-001 Tags: CAS-001 exam questions, CAS-001 practice exam, CompTIA Advanced Security Practitioner Post Date: November 25, 2020

What of the following vulnerabilities is present in the below source code file named ‘AuthenticatedArea.php’?

<html><head><title>AuthenticatedArea</title></head> <? include (“/inc/common.php”); $username = $_REQUEST[‘username’]; if ($username != ““) { echo “Your username is: “ . $_REQUEST [‘username’]; } else { header)(“location: /login.php” } ?> </html>
A . Header manipulation
B . Account disclosure
C . Unvalidated file inclusion
D . Cross-site scripting

Answer: D

Author

Pdfprep

<html><head><title>AuthenticatedArea</title></head> <? include (“/inc/common.php”); $username = $_REQUEST[‘username’]; if ($username != ““) { echo “Your username is: “ . $_REQUEST [‘username’]; } else { header)(“location: /login.php” } ?

Author

Leave a Reply Cancel reply