File tampering

Description
  • This script is possibly vulnerable to file tampering.<br/><br/>The scanner detected that user input gets written to a file from the server. <strong>This alert requires user confirmation. It may be a false positive.</strong> It depends on the file that gets written and how/if user input is santitized before being written to this file. Please make sure that user input is not written to a file that gets interpreted by the web server (for example a PHP file) and check if this file is located inside the application directory.
Remediation
  • Please make sure that user input is properly sanitized before being written to the file.
Severity
Classification
Tags