RFI and SQLi based local file inclusion vulnerabilities in web applications of Bangladesh

Abstract

People nowadays cannot think of even a single moment without the internet. Doubtlessly, web applications are currently the key to all change in the world. The features and facilities of web applications make our lives easier and also demonstrate different channels of communication and exchange of data. The number of internet user is increasing day by day in Bangladesh. Web applications are not only encouraging internet users to easily receive diversified services, but also creating new opportunities in every business sector. With the help of web applications, businesses can easily enhance the quality of their services to consumers with minimal effort. However, at the same time, many threats have arisen as a result of the misuse of this technology. Cyber attacks could emerge as a major threat to the digital transformation of Bangladesh, given the vulnerability in web applications caused by careless coding during the development of such applications. During our review, we observed that the existence of Local File Inclusion (LFI) vulnerability in the web applications of Bangladesh was very critical. This paper explores in detail the harmful web application vulnerability attack, Local File Inclusion (LFI) based on Remote File Inclusion (RFI) as well as Structured Query Language Injection (SQLi), and their impact on the applications of Bangladesh.