Lucene search
K

42239 matches found

CVE
CVE
added 54 minutes ago5 views

CVE-2026-59703

repomix contains a local file inclusion vulnerability in the git clone endpoint that allows unauthenticated attackers to read arbitrary local git repositories. The isValidRemoteValue function in src/core/git/gitRemoteParse.ts fails to block file:// URLs, permitting attackers to supply file://...

8.7CVSS
Exploits0References4
Nuclei
Nuclei
added 10 hours ago87 views

Omnia MPX 1.5.0+r1 - Local File Inclusion

Telos Alliance Omnia MPX Node through 1.5.0+r1 is vulnerable to local file inclusion via logs/downloadMainLog. By retrieving userDB.json allows an attacker to retrieve cleartext credentials and escalate privileges via the control panel. id: CVE-2022-36642 info: name: Omnia MPX 1.5.0+r1 - Local Fi...

9.8CVSS7.2AI score0.09572EPSS
Exploits1References4
Nuclei
Nuclei
added 10 hours ago121 views

H2O ImportFiles - Local File Inclusion

An attacker is able to read any file on the server hosting the H2O dashboard without any authentication. id: CVE-2023-6038 info: name: H2O ImportFiles - Local File Inclusion author: danmcinerney,byt3bl33d3r severity: high description: | An attacker is able to read any file on the server hosting t...

9.3CVSS7.2AI score0.0434EPSS
Exploits1References3
Nuclei
Nuclei
added 10 hours ago188 views

MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template

The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP cod...

9.8CVSS7.8AI score0.05018EPSS
Exploits0References5
Nuclei
Nuclei
added 10 hours ago23 views

MasterSAM Star Gate v11 - Local File Inclusion

MasterSAM Star Gate v11 is vulnerable to a directory traversal attack via the endpoint /adama/adama/downloadService. An attacker can exploit this vulnerability by manipulating the file parameter to access arbitrary files on the server, potentially leading to the exposure of sensitive information...

6.5CVSS7.3AI score0.03012EPSS
Exploits0References2
Nuclei
Nuclei
added 10 hours ago103 views

Apache OFBiz < 18.12.07 - Local File Inclusion

Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a pre-authentication attack. This issue affects Apache OFBiz: before 18.12.07. id: CVE-2022-47501 info: name: Apache OFBiz 18.12.07 - Local File Inclusion author: your3cho severity:...

7.5CVSS7.1AI score0.1018EPSS
Exploits0References5
Nuclei
Nuclei
added 10 hours ago30 views

OS4Ed OpenSIS Community 8.0 - Local File Inclusion

OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php modname parameter, which can disclose arbitrary file from the server's filesystem as long as the application has access to the file. id: CVE-2021-40651 info: name: OS4Ed OpenSIS Community 8.0 - Local...

6.5CVSS6.7AI score0.18415EPSS
Exploits2References5
Nuclei
Nuclei
added 10 hours ago64 views

esm.sh <= v136 - Local File Inclusion

esm.sh = 136 contains a local file inclusion caused by improper URL handling, letting attackers read arbitrary files from the host filesystem remotely, exploit requires crafted request. id: CVE-2025-59341 info: name: esm.sh = v136 - Local File Inclusion author: 0xAkoko severity: high description:...

8.7CVSS7.3AI score0.01527EPSS
Exploits0References3
Nuclei
Nuclei
added 10 hours ago39 views

Home Assistant HACS - Local File Inclusion

Home Assistant before 2021.1.3 lacks a protection layer against directory-traversal attacks in custom integrations, letting attackers access arbitrary files, exploit requires attacker to deploy malicious custom integration. id: CVE-2021-3152 info: name: Home Assistant HACS - Local File Inclusion...

5.3CVSS6.2AI score0.02231EPSS
Exploits0References4
Nuclei
Nuclei
added 10 hours ago50 views

Pascom CPS - Local File Inclusion

Pascom packaged with Cloud Phone System CPS versions before 7.20 contain a known local file inclusion vulnerability. id: CVE-2021-45968 info: name: Pascom CPS - Local File Inclusion author: dwisiswant0 severity: high description: | Pascom packaged with Cloud Phone System CPS versions before 7.20...

7.5CVSS7.1AI score0.10666EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago27 views

Joomla! Component ZiMBCore 0.1 - Local File Inclusion

A directory traversal vulnerability in the ZiMB Core aka ZiMBCore or comzimbcore component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id:...

7.5CVSS6.1AI score0.07402EPSS
Exploits1References4
Nuclei
Nuclei
added 10 hours ago25 views

Joomla! Component WMI 1.5.0 - Local File Inclusion

A directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface aka WMI or comwmi component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1607 info: name: Joomla!...

6.8CVSS6.2AI score0.08177EPSS
Exploits1References4
Nuclei
Nuclei
added 10 hours ago31 views

Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion

A directory traversal vulnerability in the Ultimate Portfolio comultimateportfolio component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1659 info: name: Joomla! Component Ultimate Portfolio 1.0 - Local Fi...

5CVSS6.1AI score0.13985EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago36 views

Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion

A directory traversal vulnerability in the ZiMB Comment comzimbcomment component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1602 info: name: Joomla! Component...

7.5CVSS6.1AI score0.15695EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago48 views

Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion

A directory traversal vulnerability in the Foobla Suggestions comfooblasuggestions component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-2920 info: name: Joomla! Component Foobla...

6.8CVSS6.1AI score0.05688EPSS
Exploits2References5
Nuclei
Nuclei
added 10 hours ago27 views

Joomla! Component Canteen 1.0 - Local File Inclusion

A SQL injection vulnerability in menu.php in the Canteen comcanteen component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. id: CVE-2010-4977 info: name: Joomla! Component Canteen 1.0 - Local File Inclusion author: daffainfo...

7.5CVSS6.3AI score0.15251EPSS
Exploits1References5
Nuclei
Nuclei
added 10 hours ago31 views

Joomla! Component Jstore - 'Controller' Local File Inclusion

A directory traversal vulnerability in Jstore comjstore component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-5286 info: name: Joomla! Component Jstore - 'Controller...

10CVSS6.1AI score0.11382EPSS
Exploits1References4
Nuclei
Nuclei
added 10 hours ago33 views

Joomla! Component Jimtawl 1.0.2 - Local File Inclusion

A directory traversal vulnerability in the Jimtawl comjimtawl component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly unspecified other impacts via a .. dot dot in the task parameter to index.php. id: CVE-2010-4769 info: name: Joomla! Component Jimtawl 1.0.2 - Local...

7.5CVSS6.1AI score0.07593EPSS
Exploits2References2
Nuclei
Nuclei
added 10 hours ago78 views

Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion

A directory traversal vulnerability in jphone.php in the JPhone comjphone component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-3426 info: name: Joomla! Component Jphone 1.0...

7.5CVSS6.2AI score0.14109EPSS
Exploits3References5
Nuclei
Nuclei
added 10 hours ago135 views

Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion

A PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites comjoomla-visites component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter. id: CVE-2010-2918 info: name: Joomla! Component Visit...

7.5CVSS6.3AI score0.13704EPSS
Exploits1References5
Rows per page
Query Builder