: The server executes the arbitrary PHP script upon directory access, leading directly to Remote Code Execution (RCE). 2. Parameter Manipulation and Local File Inclusion (LFI)