Code Injection

Description
This article should cover attacks based on injecting code into a running application.

Examples
If server side scripting is enabled in some address (such as guestbook, where user can insert data) then the SSI attack can be done.

Such as :

will show all the files in current directory is the server is on a UNIX/LINUX machine.

for Windows platform :

This can be used for destructive purpose also, as the commands are executed in root/admin previlage.

Such as