Lucene search
K

20392 matches found

Nuclei
Nuclei
added yesterday165 views

Zeit Next.js < 4.2.3 - Local File Inclusion

Zeit Next.js before 4.2.3 is susceptible to local file inclusion under the /next request namespace. An attacker can obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2018-6184 info: name: Zeit Next.js =4.2...

7.5CVSS7.1AI score0.0906EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday47 views

CuppaCMS v1.0 - Local File Inclusion

Cuppa CMS v1.0 is vulnerable to local file inclusion via the component /templates/default/html/windows/right.php. id: CVE-2022-34121 info: name: CuppaCMS v1.0 - Local File Inclusion author: edoardottt severity: high description: | Cuppa CMS v1.0 is vulnerable to local file inclusion via the...

7.5CVSS7AI score0.03059EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday32 views

Joomla! ProDesk 1.0/1.2 - Local File Inclusion

Joomla! Pro Desk Support Center comprodesk component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. dot dot in the includefile parameter to index.php. id: CVE-2008-6222 info: name: Joomla! ProDesk 1.0/1.2 - Local File Inclusion author: daffainfo severity: medium description:...

5CVSS6.1AI score0.11497EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday36 views

DVDFab 12 Player/PlayerFab - Local File Inclusion

DVDFab 12 Player/PlayerFab is susceptible to local file inclusion which allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player recently renamed PlayerFab has read-access. id: CVE-2022-25216 info: name: DVDFab 12 Player/PlayerFa...

7.8CVSS7.1AI score0.13835EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday42 views

Joomla! Component Web TV 1.0 - Local File Inclusion

A directory traversal vulnerability in the Web TV comwebtv component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1470 info: name: Joomla! Component Web TV 1.0 -...

7.5CVSS6.1AI score0.13351EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday35 views

LG-Ericsson iPECS NMS 30M - Local File Inclusion

Ericsson-LG iPECS NMS 30M allows local file inclusion via ipecs-cm/download?filename=../ URIs. id: CVE-2018-15138 info: name: LG-Ericsson iPECS NMS 30M - Local File Inclusion author: 0xAkoko severity: high description: Ericsson-LG iPECS NMS 30M allows local file inclusion via...

7.5CVSS7.1AI score0.12851EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday34 views

Joomla! Component SMEStorage - Local File Inclusion

A directory traversal vulnerability in the SMEStorage comsmestorage component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-1858 info: name: Joomla! Component SMEStorage - Local File...

5CVSS6.1AI score0.13621EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday36 views

PilusCart <=1.4.1 - Local File Inclusion

PilusCart versions 1.4.1 and prior suffer from a file disclosure vulnerability via local file inclusion. id: CVE-2019-16123 info: name: PilusCart =1.4.2 or apply the vendor-supplied patch to mitigate the LFI vulnerability. reference: -...

7.5CVSS7.1AI score0.16484EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday33 views

Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion

A directory traversal vulnerability in the TRAVELbook comtravelbook component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1535 info: name: Joomla! Component...

7.5CVSS6.1AI score0.15334EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday38 views

LionWiki <3.2.12 - Local File Inclusion

LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion. id: CVE-2020-27191 info: name: LionWiki 3.2.12 - Local File Inclusion author: 0xAkoko severity: high description: LionWiki before...

7.5CVSS7.1AI score0.08361EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday39 views

WHMpress <= 6.3-revision-0 - Unauthenticated Local File Inclusion to Arbitrary Options Update

The WHMpress - WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpressdomainsearchajaxextendedresults function. This makes it possible for unauthenticated attackers to include and execute...

9.8CVSS7.9AI score0.03111EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday28 views

Joomla! Component Archery Scores 1.0.6 - Local File Inclusion

A directory traversal vulnerability in archeryscores.php in the Archery Scores comarcheryscores component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1718 info: name: Joomla! Compone...

6.8CVSS6.2AI score0.09455EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday42 views

Chartify – WordPress Chart Plugin < 2.9.6 - Local File Inclusion

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the executio...

9.8CVSS7.8AI score0.04841EPSS
Exploits3References4
Nuclei
Nuclei
added yesterday34 views

Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion

Portal do Software Publico Brasileiro i3geo 7.0.5 is vulnerable to local file inclusion in the component codemirror.php, which allows attackers to execute arbitrary PHP code via a crafted HTTP request. id: CVE-2022-32409 info: name: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File...

9.8CVSS7.4AI score0.09475EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday30 views

Joomla! Component Online Exam 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the Online Examination aka Online Exam or comonlineexam component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1715 info: name: Joomla! Component Online Exam 1.5.0 -...

6.8CVSS6.1AI score0.08177EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday44 views

Horde/Horde Groupware - Local File Inclusion

Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the HordeImage driver name. id: CVE-2009-0932 inf...

6.4CVSS6.2AI score0.41263EPSS
Exploits8References5
Nuclei
Nuclei
added yesterday51 views

Joomla! Component NoticeBoard 1.3 - Local File Inclusion

A directory traversal vulnerability in the Code-Garage NoticeBoard comnoticeboard component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1658 info: name: Joomla!...

5CVSS6.1AI score0.16014EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday29 views

Joomla! Component iF surfALERT 1.2 - Local File Inclusion

A directory traversal vulnerability in the iF surfALERT comifsurfalert component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1717 info: name: Joomla! Component i...

7.5CVSS6.1AI score0.22285EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday61 views

WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion

WordPress MDC YouTube Downloader 2.1.0 plugin is susceptible to local file inclusion. A remote attacker can read arbitrary files via a full pathname in the file parameter to includes/download.php. id: CVE-2015-5469 info: name: WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion author:...

7.5CVSS7.2AI score0.10148EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday26 views

Joomla! Harmis Messenger 1.2.2 - Local File Inclusion

Joomla! Harmis Messenger 1.2.2 is vulnerable to local file inclusion which could give an attacker read access to arbitrary files. id: CVE-2019-9922 info: name: Joomla! Harmis Messenger 1.2.2 - Local File Inclusion author: 0xAkoko severity: high description: Joomla! Harmis Messenger 1.2.2 is...

7.5CVSS6.7AI score0.1059EPSS
Exploits0References5
Rows per page
Query Builder