In this pattern the attacker is able to load and execute an arbitrary PHP
						file. This is usually accomplished through an improperly sanitized "include"
						call, which the user can then control to point to any web-accessible file.
						This allows attackers to hijack the targeted application and force it to
						execute their own instructions.