Lucene search
K

20403 matches found

RedhatCVE
RedhatCVE
added 9 hours ago8 views

CVE-2026-58467

A flaw was found in Cockpit CMS. This vulnerability, a path traversal and local file inclusion, allows an unauthenticated attacker to read arbitrary files or execute PHP files. By manipulating the URL, an attacker can bypass security checks and access restricted directories. This could lead to...

8.2CVSS6.3AI score0.0042EPSS
Exploits0References6
NVD
NVD
added 12 hours ago5 views

CVE-2024-6228

The Notifications for Forms & WordPress Actions WordPress plugin before 2.6 does not validate a user-supplied value before using it to build a server-side file inclusion path, allowing authenticated users with subscriber-level access and above to include and execute arbitrary local PHP files on t...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago6 views

CVE-2024-6228 WANotifier < 2.6 - Subscriber+ LFI

The Notifications for Forms & WordPress Actions WordPress plugin before 2.6 does not validate a user-supplied value before using it to build a server-side file inclusion path, allowing authenticated users with subscriber-level access and above to include and execute arbitrary local PHP files on t...

Exploits0References1
CVE
CVE
added 14 hours ago5 views

CVE-2024-6228

The CVE-2024-6228 vulnerability affects the Notifications for Forms & WordPress Actions WordPress plugin (before version 2.6). It occurs because the plugin does not validate a user-supplied value when building a server-side file inclusion path, enabling authenticated users with subscriber-level a...

7.5CVSS6.2AI score
Exploits0References1
Nuclei
Nuclei
added 17 hours ago68 views

Pandora Fms < 3.1.1 - Directory Traversal

Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via 1 the page parameter to ajax.php or 2 the id parameter to general/pandorahelp.php, and allow remote attackers to include and execute, create, modify, or...

7.5CVSS6.2AI score0.19495EPSS
Exploits6References5
Nuclei
Nuclei
added 17 hours ago61 views

Joomla! MooFAQ 1.0 - Local File Inclusion

Joomla! Ideal MooFAQ 1.0 via commoofaq allows remote attackers to read arbitrary files via a .. dot dot in the file parameter local file inclusion. id: CVE-2009-2015 info: name: Joomla! MooFAQ 1.0 - Local File Inclusion author: daffainfo severity: high description: Joomla! Ideal MooFAQ 1.0 via...

7.5CVSS6.1AI score0.06507EPSS
Exploits1References4
Nuclei
Nuclei
added 17 hours ago45 views

Joomla! Component com_biblestudy - Local File Inclusion

A directory traversal vulnerability in the Bible Study combiblestudy component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter in a studieslist action to index.php. id: CVE-2010-0157 info: name: Joomla! Component...

7.5CVSS6.2AI score0.12969EPSS
Exploits1References4
Nuclei
Nuclei
added 17 hours ago38 views

Joomla! Component RWCards 3.0.11 - Local File Inclusion

A directory traversal vulnerability in captcha/captchaimage.php in the RWCards comrwcards 3.0.11 component for Joomla! when magicquotesgpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter. id: CVE-2008-6172 inf...

6.8CVSS6.2AI score0.12284EPSS
Exploits1References4
Nuclei
Nuclei
added 17 hours ago40 views

Joomla! Agora 3.0.0b - Local File Inclusion

Joomla! Agora 3.0.0b comagora allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php. id: CVE-2009-3053 info: name: Joomla! Agora 3.0.0b - Local File Inclusion author: daffainfo severit...

6.8CVSS6.2AI score0.05925EPSS
Exploits1References5
Nuclei
Nuclei
added 17 hours ago32 views

Joomla! Component Online Exam 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the Online Examination aka Online Exam or comonlineexam component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1715 info: name: Joomla! Component Online Exam 1.5.0 -...

6.8CVSS6.1AI score0.08177EPSS
Exploits2References5
Nuclei
Nuclei
added 17 hours ago140 views

Gitblit 1.9.3 - Local File Inclusion

Gitblit 1.9.3 is vulnerable to local file inclusion via /resources//../ e.g., followed by a WEB-INF or META-INF pathname. id: CVE-2022-31268 info: name: Gitblit 1.9.3 - Local File Inclusion author: 0xAkoko severity: high description: | Gitblit 1.9.3 is vulnerable to local file inclusion via...

7.5CVSS7AI score0.09601EPSS
Exploits1References5
Nuclei
Nuclei
added 17 hours ago44 views

Cisco SD-WAN vManage Software - Local File Inclusion

Cisco SD-WAN vManage Software in the application data endpoints is vulnerable to local file inclusion which could allow an unauthenticated, remote attacker to gain access to sensitive information. id: CVE-2020-26073 info: name: Cisco SD-WAN vManage Software - Local File Inclusion author: madrobot...

7.5CVSS7.1AI score0.12062EPSS
Exploits0References2
Nuclei
Nuclei
added 17 hours ago50 views

Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion

A directory traversal vulnerability in the JE Form Creator comjeformcr component for Joomla!, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the...

4.3CVSS6.1AI score0.06429EPSS
Exploits1References5
Nuclei
Nuclei
added 17 hours ago48 views

Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion

A directory traversal vulnerability in the Foobla Suggestions comfooblasuggestions component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. id: CVE-2010-2920 info: name: Joomla! Component Foobla...

6.8CVSS6.1AI score0.05688EPSS
Exploits2References5
Nuclei
Nuclei
added 17 hours ago35 views

Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion

A directory traversal vulnerability in the TRAVELbook comtravelbook component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1535 info: name: Joomla! Component...

7.5CVSS6.1AI score0.15334EPSS
Exploits2References4
Nuclei
Nuclei
added 17 hours ago60 views

ResourceSpace - Local File inclusion

ResourceSpace is prone to a local file-inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. id: CVE-2015-3648 info: name: ResourceSpace - Local File inclusion author: pikpikcu severity: high description: ResourceSpace is prone to a local file-inclusion...

7.5CVSS5.9AI score0.08083EPSS
Exploits3References5
Nuclei
Nuclei
added 17 hours ago65 views

Tarantella Enterprise <3.11 - Local File Inclusion

Tarantella Enterprise versions prior to 3.11 are susceptible to local file inclusion. id: CVE-2018-19753 info: name: Tarantella Enterprise 3.11 - Local File Inclusion author: 0xAkoko severity: high description: | Tarantella Enterprise versions prior to 3.11 are susceptible to local file inclusion...

7.5CVSS7.1AI score0.16564EPSS
Exploits3References5
Nuclei
Nuclei
added 17 hours ago40 views

Joomla! Roland Breedveld Album 1.14 - Local File Inclusion

Joomla! Roland Breedveld Album 1.14 comalbum is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. dot dot in the target parameter to index.php. id: CVE-2009-3318 info: name: Joomla! Roland Breedveld...

7.5CVSS6.1AI score0.06455EPSS
Exploits1References4
Nuclei
Nuclei
added 17 hours ago56 views

Huawei Firewall - Local File Inclusion

USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gai...

4.3CVSS6AI score0.01238EPSS
Exploits0References1
Nuclei
Nuclei
added 17 hours ago53 views

Joomla! Component News Portal 1.5.x - Local File Inclusion

A directory traversal vulnerability in the iJoomla News Portal comnewsportal component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1312 info: name: Joomla! Component News Portal 1.5.x - Local File...

5CVSS6.1AI score0.13621EPSS
Exploits2References4
Rows per page
Query Builder