Lucene search
K

42381 matches found

Nuclei
Nuclei
added 10 hours ago56 views

LionWiki <3.2.12 - Local File Inclusion

LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion. id: CVE-2020-27191 info: name: LionWiki 3.2.12 - Local File Inclusion author: 0xAkoko severity: high description: LionWiki before...

7.5CVSS7AI score0.08361EPSS
Exploits1References4
Nuclei
Nuclei
added 10 hours ago12 views

System Dashboard < 2.8.15 - Admin+ Path Traversal

The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks an read arbitrary files on the server id: CVE-2024-10708 info: name: System Dashboard 2.8.15 - Admin+ Path...

4.9CVSS7.1AI score0.0203EPSS
Exploits1References3
Nuclei
Nuclei
added 10 hours ago30 views

WordPress Plugin Tera Charts - Local File Inclusion

Multiple local file inclusion vulnerabilities in Tera Charts tera-charts plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. dot dot in the fn parameter to 1 charts/treemap.php or 2 charts/zoomabletreemap.php. id: CVE-2014-4940 info: name: WordPress Plugin Tera Charts...

5CVSS7.2AI score0.18734EPSS
Exploits2References4
Nuclei
Nuclei
added 10 hours ago66 views

WordPress Simple Image Manipulator < 1.0 - Local File Inclusion

WordPress Simple Image Manipulator 1.0 is vulnerable to local file inclusion in ./simple-image-manipulator/controller/download.php because no checks are made to authenticate users or sanitize input when determining file location. id: CVE-2015-1000010 info: name: WordPress Simple Image Manipulator...

7.5CVSS7AI score0.07038EPSS
Exploits2References4
Nuclei
Nuclei
added 10 hours ago70 views

WordPress Candidate Application Form <= 1.3 - Local File Inclusion

WordPress Candidate Application Form = 1.3 is susceptible to arbitrary file downloads because the code in downloadpdffile.php does not do any sanity checks. id: CVE-2015-1000005 info: name: WordPress Candidate Application Form = 1.3 - Local File Inclusion author: dhiyaneshDK severity: high...

7.5CVSS7.1AI score0.08833EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago39 views

Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion

Oracle GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to unauthenticated local file inclusion vulnerabilities that allow remote attackers to request arbitrary files on the server. id: CVE-2017-1000029 info: name: Oracle GlassFish Server Open Source Edition 3.0.1 - Local File...

7.5CVSS7.1AI score0.08348EPSS
Exploits0References3
Nuclei
Nuclei
added 10 hours ago72 views

ResourceSpace - Local File inclusion

ResourceSpace is prone to a local file-inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. id: CVE-2015-3648 info: name: ResourceSpace - Local File inclusion author: pikpikcu severity: high description: ResourceSpace is prone to a local file-inclusion...

7.5CVSS6.1AI score0.08083EPSS
Exploits3References5
Nuclei
Nuclei
added 10 hours ago139 views

WordPress Mail Masta 1.0 - Local File Inclusion

WordPress Mail Masta 1.0 is susceptible to local file inclusion in countofsend.php and csvexport.php. id: CVE-2016-10956 info: name: WordPress Mail Masta 1.0 - Local File Inclusion author: daffainfo,0x240x23elu severity: high description: WordPress Mail Masta 1.0 is susceptible to local file...

7.5CVSS7AI score0.10178EPSS
Exploits2References5
Nuclei
Nuclei
added 10 hours ago46 views

Xceedium Xsuite <=2.4.4.5 - Local File Inclusion

Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/readsessionlog.php that allows remote attackers to read arbitrary files in the logFile parameter. id: CVE-2015-4666 info: name: Xceedium Xsuite =2.4.4.5 - Local File Inclusion author: 0xAkoko severity: medium...

5CVSS7.2AI score0.16235EPSS
Exploits5References5
Nuclei
Nuclei
added 10 hours ago63 views

WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion

WordPress MDC YouTube Downloader 2.1.0 plugin is susceptible to local file inclusion. A remote attacker can read arbitrary files via a full pathname in the file parameter to includes/download.php. id: CVE-2015-5469 info: name: WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion author:...

7.5CVSS7.1AI score0.10148EPSS
Exploits2References5
Nuclei
Nuclei
added 10 hours ago42 views

Webgrind <= 1.5 - Local File Inclusion

Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem that the webserver user has access to via an index.php?op=fileviewer&file= URI id: CVE-2018-12909 info: name: Webgrind = 1.5 - Local File Inclusion author: DhiyaneshDk severity: high...

7.8CVSS7AI score0.18568EPSS
Exploits0References5
Nuclei
Nuclei
added 10 hours ago49 views

LG-Ericsson iPECS NMS 30M - Local File Inclusion

Ericsson-LG iPECS NMS 30M allows local file inclusion via ipecs-cm/download?filename=../ URIs. id: CVE-2018-15138 info: name: LG-Ericsson iPECS NMS 30M - Local File Inclusion author: 0xAkoko severity: high description: Ericsson-LG iPECS NMS 30M allows local file inclusion via...

7.5CVSS7AI score0.12851EPSS
Exploits0References4
Nuclei
Nuclei
added 10 hours ago45 views

Kodi 17.1 - Local File Inclusion

Kodi 17.1 is vulnerable to local file inclusion vulnerabilities because of insufficient validation of user input. id: CVE-2017-5982 info: name: Kodi 17.1 - Local File Inclusion author: 0xAkoko severity: high description: | Kodi 17.1 is vulnerable to local file inclusion vulnerabilities because of...

7.5CVSS6.9AI score0.7763EPSS
Exploits5References5
Nuclei
Nuclei
added 10 hours ago54 views

WordPress RobotCPA 5 - Directory Traversal

The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter. id: CVE-2015-9480 info: name: WordPress RobotCPA 5 - Directory Traversal author: daffainfo severity: high description: The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter...

7.5CVSS7AI score0.12574EPSS
Exploits2References3
Nuclei
Nuclei
added 10 hours ago71 views

AxxonSoft Axxon Next - Local File Inclusion

AxxonSoft Axxon Next suffers from a local file inclusion vulnerability. id: CVE-2018-7467 info: name: AxxonSoft Axxon Next - Local File Inclusion author: 0xAkoko severity: high description: AxxonSoft Axxon Next suffers from a local file inclusion vulnerability. impact: | An attacker can read...

7.5CVSS7AI score0.10358EPSS
Exploits2References5
Nuclei
Nuclei
added 10 hours ago36 views

Tyto Sahi pro 7.x/8.x - Local File Inclusion

Tyto Sahi Pro versions through 7.x.x and 8.0.0 are susceptible to a local file inclusion vulnerability in the web reports module which can allow an outside attacker to view contents of sensitive files. id: CVE-2018-20470 info: name: Tyto Sahi pro 7.x/8.x - Local File Inclusion author: daffainfo...

7.5CVSS7AI score0.45055EPSS
Exploits6References4
Nuclei
Nuclei
added 10 hours ago60 views

Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion

Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 is susceptible to local file inclusion in public/examples/resources/getsource.php. This could allow remote attackers to read arbitrary files via the file parameter. id: CVE-2017-15363 info: name: Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local...

7.5CVSS7AI score0.15212EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago40 views

OpenEMR <5.0.2 - Local File Inclusion

OpenEMR before 5.0.2 is vulnerable to local file inclusion via the fileName parameter in custom/ajaxdownload.php. An attacker can download any file that is readable by the web server user from server storage. If the requested file is writable for the web server user and the directory...

8.8CVSS7AI score0.66891EPSS
Exploits11References5
Nuclei
Nuclei
added 10 hours ago89 views

Aptana Jaxer 1.0.3.4547 - Local File inclusion

Aptana Jaxer 1.0.3.4547 is vulnerable to local file inclusion in the wikilite source code viewer. An attacker can read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI. id: CVE-2019-14312 info: name: Aptana Jaxer 1.0.3.4547 - Local File inclusion author: daffainfo...

6.5CVSS6.7AI score0.20586EPSS
Exploits5References5
Nuclei
Nuclei
added 10 hours ago48 views

WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion

WordPress 99 Robots WP Background Takeover Advertisements 4.1.4 is susceptible to local file inclusion via exports/download.php. id: CVE-2018-9118 info: name: WordPress 99 Robots WP Background Takeover Advertisements =4.1.4 - Local File Inclusion author: 0xAkoko severity: high description: |...

7.5CVSS7AI score0.48158EPSS
Exploits4References5
Rows per page
Query Builder