20391 matches found
EUVD-2026-41659
PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations...
CVE-2026-12194
PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations...
CVE-2026-12194
PHPIPAM is affected by an authenticated local file inclusion vulnerability that can allow API-authenticated users to include arbitrary PHP files on the server filesystem. The API is not enabled by default on installations. The CVSS metrics indicate a low-severity issue with network access, low ef...
Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion
Portal do Software Publico Brasileiro i3geo 7.0.5 is vulnerable to local file inclusion in the component codemirror.php, which allows attackers to execute arbitrary PHP code via a crafted HTTP request. id: CVE-2022-32409 info: name: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File...
Jellyfin <10.7.0 - Local File Inclusion
Jellyfin before 10.7.0 is vulnerable to local file inclusion. This issue is more prevalent when Windows is used as the host OS. Servers exposed to public Internet are potentially at risk. id: CVE-2021-21402 info: name: Jellyfin 10.7.0 - Local File Inclusion author: dwisiswant0 severity: medium...
Joomla! Component JInventory 1.23.02 - Local File Inclusion
A directory traversal vulnerability in jinventory.php in the JInventory comjinventory component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1305...
Joomla! ProDesk 1.0/1.2 - Local File Inclusion
Joomla! Pro Desk Support Center comprodesk component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. dot dot in the includefile parameter to index.php. id: CVE-2008-6222 info: name: Joomla! ProDesk 1.0/1.2 - Local File Inclusion author: daffainfo severity: medium description:...
Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion
A directory traversal vulnerability in the JE Form Creator comjeformcr component for Joomla!, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the...
Web Directory Free < 1.7.3 - Local File Inclusion
The Web Directory Free WordPress plugin before 1.7.3 does not validate a parameter before using it in an include, which could lead to Local File Inclusion issues. id: CVE-2024-3673 info: name: Web Directory Free 1.7.3 - Local File Inclusion author: s4e-io severity: critical description: | The Web...
Joomla! Component Picasa 2.0 - Local File Inclusion
A directory traversal vulnerability in the Picasa comjoomlapicasa2 component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1306 info: name: Joomla! Component Picasa 2.0 - Local File Inclusion...
Joomla! Component JA Voice 2.0 - Local File Inclusion
A directory traversal vulnerability in the JA Voice comjavoice component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the view parameter to index.php. id: CVE-2010-1982 info: name: Joomla! Component JA Voice 2.0 - Local File Inclusion author: daffainfo...
Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion
A directory traversal vulnerability in the JE Quotation Form comjequoteform component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the view parameter to index.php. id: CVE-2010-2128 info: name: Joomla! Component ...
Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion
A directory traversal vulnerability in the Picasa2Gallery compicasa2gallery component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2507 info: name:...
Joomla! Component Jimtawl 1.0.2 - Local File Inclusion
A directory traversal vulnerability in the Jimtawl comjimtawl component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly unspecified other impacts via a .. dot dot in the task parameter to index.php. id: CVE-2010-4769 info: name: Joomla! Component Jimtawl 1.0.2 - Local...
Joomla! Component SVMap 1.1.1 - Local File Inclusion
A directory traversal vulnerability in the SVMap comsvmap component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1308 info: name: Joomla! Component SVMap 1.1.1 - Local File Inclusion author: daffainfo...
Joomla! Component com_janews - Local File Inclusion
A directory traversal vulnerability in the JA News comjanews component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1219 info: name: Joomla! Component comjanews - Local File Inclusion author: daffainf...
Huawei Firewall - Local File Inclusion
USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gai...
Chyrp 2.x - Local File Inclusion
A directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F encoded dot dot slash in the action parameter to the default URI. id: CVE-2011-2744 info: name: Chyrp 2.x - Local File Inclusion author: daffainfo severity...
Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion
A directory traversal vulnerability in the Affiliate Datafeeds comdatafeeds component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1979 info: name: Joomla! Component Affiliate Datafeeds 880 - Local Fi...
Lokomedia CMS - Local File Inclusion
A Local File Inclusion LFI vulnerability exists in Lokomedia CMS. The application allows an attacker to include files on the server that should not be accessible, potentially exposing sensitive information. id: CVE-2010-2018 info: name: Lokomedia CMS - Local File Inclusion author: r3Y3r53 severit...