Tag
file-inclusion
Safeguard articles tagged "file-inclusion" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Application Security
PHP code security fundamentals: injection, deserialization, and file inclusion
PHP still powers over 70% of server-side websites, and its three oldest vulnerability classes — injection, deserialization, and file inclusion — remain the most common findings in 2026.
Jul 8, 20267 min read
Vulnerability Analysis
Ghostcat: Apache Tomcat AJP File Read and RCE (CVE-2020-1938) Explained
CVE-2020-1938 turned Tomcat's default AJP connector into a file-disclosure and RCE primitive. Here's how the request-attribute abuse works and how to shut it down.
Jul 1, 20266 min read