Lucene search
K

26827 matches found

Nuclei
Nuclei
added yesterday36 views

Moodle Jmol Filter 6.1 - Local File Inclusion

Moodle Jmol Filter 6.1 is vulnerable to local file inclusion through the jsmol.php file, allowing attackers to read arbitrary files on the server. id: CVE-2025-34031 info: name: Moodle Jmol Filter 6.1 - Local File Inclusion author: madrobot severity: high description: | Moodle Jmol Filter 6.1 is...

8.7CVSS7.1AI score0.02963EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday10 views

Blinko < 1.8.4 - Path Traversal

Blinko 1.8.4 contains a path traversal vulnerability caused by lack of permission checks and filtering on the temp/ path in the file server endpoint, letting unauthorized attackers read arbitrary files including backup files with user notes and tokens, exploit requires no special privileges. id:...

8.2CVSS6.2AI score0.01523EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday14 views

changedetection.io <= 0.52.9 - Unauthenticated Path Traversal

changedetection.io / route, letting unauthenticated attackers read local application source files. id: CVE-2026-25527 info: name: changedetection.io / route, letting unauthenticated attackers read local application source files. impact: | Unauthenticated attackers can read local application sourc...

5.3CVSS6.1AI score0.00917EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday13 views

WP User Manager – User Profile Builder & Membership - Local File Inclusion

WP User Manager – User Profile Builder & Membership plugin for WordPress = 2.9.17 contains a local file inclusion caused by improper handling in the profile template scope function, letting unauthenticated attackers execute arbitrary PHP code, exploit requires ability to upload or control PHP...

7.5CVSS6.3AI score0.02403EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday66 views

WordPress Simple Image Manipulator < 1.0 - Local File Inclusion

WordPress Simple Image Manipulator 1.0 is vulnerable to local file inclusion in ./simple-image-manipulator/controller/download.php because no checks are made to authenticate users or sanitize input when determining file location. id: CVE-2015-1000010 info: name: WordPress Simple Image Manipulator...

7.5CVSS7AI score0.07038EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday46 views

Xceedium Xsuite <=2.4.4.5 - Local File Inclusion

Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/readsessionlog.php that allows remote attackers to read arbitrary files in the logFile parameter. id: CVE-2015-4666 info: name: Xceedium Xsuite =2.4.4.5 - Local File Inclusion author: 0xAkoko severity: medium...

5CVSS7.2AI score0.16235EPSS
Exploits5References5
Nuclei
Nuclei
added yesterday28 views

Cross RSS 1.7 - Local File Inclusion

Absolute path traversal vulnerability in Cross-RSS wp-cross-rss plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php. id: CVE-2014-4941 info: name: Cross RSS 1.7 - Local File Inclusion author: DhiyaneshDK severity: medium...

5CVSS7.2AI score0.04306EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday64 views

Solara <1.35.1 - Local File Inclusion

A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. ...

8.6CVSS7.1AI score0.02884EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday46 views

Fonality trixbox - Local File Inclusion

Multiple local file inclusion vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. dot dot in the lang parameter to 1 home/index.php, 2 asteriskinfo/asteriskinfo.php, 3 repo/repo.php, or 4 endpointcfg/endpointcfg.php in maint/modules/. id: CVE-2014-5111 info...

5CVSS6.2AI score0.21237EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday165 views

Dompdf < v0.6.0 - Local File Inclusion

A vulnerability in dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a...

6.8CVSS7.1AI score0.39374EPSS
Exploits6References5
Nuclei
Nuclei
added yesterday56 views

WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal

A directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the dewfile parameter. id: CVE-2013-7240 info: name: WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal author...

5CVSS7.2AI score0.19641EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday54 views

WordPress RobotCPA 5 - Directory Traversal

The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter. id: CVE-2015-9480 info: name: WordPress RobotCPA 5 - Directory Traversal author: daffainfo severity: high description: The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter...

7.5CVSS7AI score0.12574EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday72 views

ResourceSpace - Local File inclusion

ResourceSpace is prone to a local file-inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. id: CVE-2015-3648 info: name: ResourceSpace - Local File inclusion author: pikpikcu severity: high description: ResourceSpace is prone to a local file-inclusion...

7.5CVSS6.1AI score0.08083EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday191 views

PerkinElmer ProcessPlus <= 1.11.6507.0 - Local File Inclusion

Files on the Windows system are accessible without authentication to external parties due to a local file inclusion in PerkinElmer ProcessPlus.This issue affects ProcessPlus through 1.11.6507.0. id: CVE-2024-6911 info: name: PerkinElmer ProcessPlus = 1.11.6507.0 - Local File Inclusion author:...

8.7CVSS7AI score0.04944EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday33 views

Opsview Monitor Pro - Local File Inclusion

Opsview Monitor Pro prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch is vulnerable to unauthenticated local file inclusion and can be exploited by issuing a specially crafted HTTP GET request utilizing a simple bypass. id:...

7.5CVSS7AI score0.16109EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday67 views

phpPgAdmin <=4.2.1 - Local File Inclusion

phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals is enabled. Remote attackers can read arbitrary files via a .. dot dot in the language parameter to index.php. id: CVE-2008-5587 info: name: phpPgAdmin =4.2.1 - Local File Inclusion author:...

4.3CVSS6.2AI score0.12865EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday40 views

Joomla! Component RWCards 3.0.11 - Local File Inclusion

A directory traversal vulnerability in captcha/captchaimage.php in the RWCards comrwcards 3.0.11 component for Joomla! when magicquotesgpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter. id: CVE-2008-6172 inf...

6.8CVSS6.3AI score0.12284EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday47 views

Joomla! <=2.0.0 RC2 - Local File Inclusion

Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module comextplorer that allows remote attackers to read arbitrary files via a .. dot dot in the dir parameter in a showerror action. id: CVE-2008-4764 info: name: Joomla! =2.0.0 RC2 - Local File Inclusion...

5CVSS6.2AI score0.16505EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday47 views

Joomla! ionFiles 4.4.2 - Local File Inclusion

Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles comionfiles that allows remote attackers to read arbitrary files via a .. dot dot in the file parameter. id: CVE-2008-6080 info: name: Joomla! ionFiles 4.4.2 - Local File Inclusion author: daffainfo...

5CVSS6.2AI score0.10637EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday78 views

Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion

Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via comimagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. dot dot in the folder parameter to index.php. id: CVE-2008-4668 info: name: Joomla! Image Browser 0.1.5 rc2 - Local...

9CVSS6.3AI score0.21476EPSS
Exploits1References5
Rows per page
Query Builder