RFI ( RFI -> RCE )
Similar to LFI, RFI fetches the documents from the specified url location, so what an attacker can do is,
Create a malicious php file
Host it in his local machine
Request the file with the URL
The php code will be executed and the output will be obtained
Last updated