Olli M, from Team Openfire was successfull in finding vulnerability in World’s top most Agency FBI of USA.
Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerabilityoccurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity, to list a few it can lead to:
- Code execution on the web server