Template:Execution alert/zh
From Linux Web Expert
(Redirected from Template:Code injection alert/zh)
<translate> Warning:</translate> <translate> The code or configuration described here poses a major security risk.</translate> <translate> Site administrators:</translate> <translate> You are advised against using it until this security issue is resolved.</translate> <translate> Problem:</translate> 易受代码注入攻击,因为它将用户输入直接传送到可执行语句,例如exec()、passthru()或include()。 这可能导致在您的服务器上运行任意代码及其他内容。 <translate> Solution:</translate> 严格验证用户输入和/或对所有在可执行语句中有特殊意义的字符应用转义。 |
Template documentation
- Description
- Adds an alert box describing a code injection vulnerability in including Extension page. Also adds including page to Category:Extensions with arbitrary execution vulnerabilities
- Example
{{Execution alert|~~~~}}
