Abstract: This article describes a method of taking advantage of a .php script Local File Inclusion vulnerability. It does not describe any vulnerability in the PHP engine itself, nor does it describe any new vulnerability class.
Download: PHP_LFI_rfc1867_temporary_files_2021.pdf