During a penetration test, an attacker was able to bypass input validation and execute commands on a web server. The server runs a PHP application. Which of the following is the MOST likely root cause?
Trap 1: The application uses unsanitized input in SQL queries.
SQL injection leads to database access, not command execution.
Trap 2: The application reflects user input in HTTP responses without…
XSS vulnerability, but does not directly execute commands on server.
Trap 3: The application uses hidden form fields to store session tokens.
CSRF vulnerability, not command execution.
- A
The application uses unsanitized input in SQL queries.
Why wrong: SQL injection leads to database access, not command execution.
- B
The application reflects user input in HTTP responses without escaping.
Why wrong: XSS vulnerability, but does not directly execute commands on server.
- C
The application passes user input to a shell command via exec() or system() functions.
Command injection allows arbitrary command execution on the server.
- D
The application uses hidden form fields to store session tokens.
Why wrong: CSRF vulnerability, not command execution.