File tampering

Description
  • This script is possibly vulnerable to file tampering.

    The scanner detected that user input gets written to a file from the server. This alert requires user confirmation. It may be a false positive. It depends on the file that gets written and how/if user input is santitized before being written to this file. Please make sure that user input is not written to a file that gets interpreted by the web server (for example a PHP file) and check if this file is located inside the application directory.
Remediation
  • Please make sure that user input is properly sanitized before being written to the file.