Avoid include/require with user-controlled paths | Critiq Docs

#Metadata

Rule ID: php.security.unsafe-include-with-user-input
Severity: high
Confidence: 0.9
Languages: php
Presets: security, strict
Stability: stable
Applies to: block
Tags: inclusion, injection, php, rules-catalog, security

#Why it matters

User-controlled includes can load attacker-chosen PHP and lead to remote code execution.

#Remediation

Map user input to an allowlisted template name and include only fixed, reviewed file paths.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/php/php.security.unsafe-include-with-user-input.rule.yaml.

Back to directory Open rule in repository