Php User Input Storage Sensitive Data
Description
Detects when sensitive user input data is being stored unsafely in files using PHP file operations. This creates a security risk as sensitive user data like passwords or personal information could be written to files without proper encryption or access controls.
Detection Strategy
• Identifies PHP file write operations (like fwrite, fputs) that store data to files
• Checks if the file handle comes from an unsafe file open operation (e.g. fopen)
• Verifies that the data being written originates from user input (e.g. $_POST, $_GET)
• Triggers when both conditions are met: a write through a handle obtained from fopen, where the written data is derived from user input
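To make the strategy concrete, the following is an added example (not the Fluid Attacks scanner or its rule code): a small line-by-line taint tracker in Python that flags fwrite/fputs calls whose handle came from fopen and whose data derives from $_POST or $_GET. Treating password_hash as a sanitizer that clears the taint is an assumption of this example, not part of the strategy above.

```python
import re

# Sinks, file-open calls and user-input sources named in the detection strategy.
WRITE_SINKS = ("fwrite", "fputs")
OPEN_FUNCS = ("fopen",)
INPUT_SOURCES = ("$_POST", "$_GET")
# Assumption added in this example: hashing the value before storage clears the taint.
SANITIZERS = ("password_hash",)

ASSIGN_RE = re.compile(r"(\$\w+)\s*(\.?=)(?!=)\s*([^;]+)")      # $v = ... / $v .= ...
SINK_RE = re.compile(
    r"\b(" + "|".join(WRITE_SINKS) + r")\s*\(\s*(\$\w+)\s*,\s*([^;]+?)\s*\)\s*;")
VAR_RE = re.compile(r"\$\w+")


def find_unsafe_writes(php_source):
    """Return (line, sink, handle, data) for each fwrite/fputs whose handle came
    from fopen and whose data derives from $_POST/$_GET. Forward-only, straight-line
    tracking: branches, loops and calls into other functions are not modelled."""
    unsafe_handles, tainted, findings = set(), set(), []
    for lineno, raw in enumerate(php_source.splitlines(), 1):
        code = raw.split("//", 1)[0]          # naive strip of trailing line comments
        for var, op, rhs in ASSIGN_RE.findall(code):
            rhs_vars = set(VAR_RE.findall(rhs))
            if any(rhs.lstrip().startswith(f + "(") for f in OPEN_FUNCS):
                unsafe_handles.add(var)       # handle comes from an fopen call
            elif any(s + "(" in rhs for s in SANITIZERS):
                tainted.discard(var)          # hashed before storage (assumption)
            elif any(src in rhs for src in INPUT_SOURCES) or rhs_vars & tainted:
                tainted.add(var)              # direct or propagated user input
            elif op == "=":
                tainted.discard(var)          # fresh assignment from clean data
        for sink, handle, data in SINK_RE.findall(code):
            data_tainted = (set(VAR_RE.findall(data)) & tainted
                            or any(src in data for src in INPUT_SOURCES))
            if handle in unsafe_handles and data_tainted:
                findings.append((lineno, sink, handle, data))
    return findings


# Constructed sample input mirroring the vulnerable pattern this rule targets.
VULNERABLE_SAMPLE = """<?php
$fp = fopen('/var/data/users.txt', 'w');
$password = $_POST['password'];
fwrite($fp, $password);
fclose($fp);
"""
```

Running find_unsafe_writes(VULNERABLE_SAMPLE) reports the fwrite on line 4; the same code with the value passed through password_hash first produces no finding.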
Vulnerable code example

<?php
function unsafe_write_sensitive_data() {
    $fp = fopen('/var/data/users.txt', 'w');
    $password = $_POST['password']; // Insecure: directly using unvalidated user input
    fwrite($fp, $password); // Vulnerable: writing the plaintext password to a file
    fclose($fp);
}

✅ Secure code example
<?php
function safe_write_sensitive_data() {
    try {
        // Use proper error handling for file operations
        if (!$fp = fopen('/var/data/users.txt', 'w')) {
            throw new Exception('Failed to open file');
        }
        ...