Fonality trixbox - Local File Inclusion

Multiple local file inclusion vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. dot dot in the lang parameter to 1 home/index.php, 2 asteriskinfo/asteriskinfo.php, 3 repo/repo.php, or 4 endpointcfg/endpointcfg.php in maint/modules/. id: CVE-2014-5111 info...

Express-handlebars - Local File Inclusion

Express-handlebars is susceptible to local file inclusion because it mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential...

uDraw <3.3.3 - Local File Inclusion

uDraw before 3.3.3 does not validate the url parameter in its udrawconverturltobase64 AJAX action available to both unauthenticated and authenticated users before using it in the filegetcontents function and returning its content base64 encoded in the response. As a result, unauthenticated users...

ResourceSpace - Local File inclusion

ResourceSpace is prone to a local file-inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. id: CVE-2015-3648 info: name: ResourceSpace - Local File inclusion author: pikpikcu severity: high description: ResourceSpace is prone to a local file-inclusion...

TP-LINK - Local File Inclusion

TP-LINK is susceptible to local file inclusion in these products: Archer C5 1.2 with firmware before 150317, Archer C7 2.0 with firmware before 150304, and C8 1.0 with firmware before 150316, Archer C9 1.0, TL-WDR3500 1.0, TL-WDR3600 1.0, and TL-WDR4300 1.0 with firmware before 150302, TL-WR740N...

SysAid Help Desk <15.2 - Local File Inclusion

SysAid Help Desk before 15.2 contains multiple local file inclusion vulnerabilities which can allow remote attackers to read arbitrary files via .. dot dot in the fileName parameter of getGfiUpgradeFile or cause a denial of service CPU and memory consumption via .. dot dot in the fileName paramet...

Joomla! Component Canteen 1.0 - Local File Inclusion

A SQL injection vulnerability in menu.php in the Canteen comcanteen component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. id: CVE-2010-4977 info: name: Joomla! Component Canteen 1.0 - Local File Inclusion author: daffainfo...

Devika - Local File Inclusion

A local file read vulnerability exists in the stitionai/devika repository, affecting the latest version. The vulnerability is due to improper handling of the 'snapshotpath' parameter in the '/api/get-browser-snapshot' endpoint. An attacker can exploit this vulnerability by crafting a request with...

Joomla! Component Archery Scores 1.0.6 - Local File Inclusion

A directory traversal vulnerability in archeryscores.php in the Archery Scores comarcheryscores component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1718 info: name: Joomla! Compone...

Joomla! Component Shoutbox Pro - Local File Inclusion

A directory traversal vulnerability in the Shoutbox Pro comshoutbox component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1534 info: name: Joomla! Component Shoutbox Pro - Local File Inclusion author: daffainf...

Joomla! Component TweetLA 1.0.1 - Local File Inclusion

A directory traversal vulnerability in the TweetLA comtweetla component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1533 info: name: Joomla! Component TweetLA 1.0.1 - Local File Inclusion author: daffain...

Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion

A directory traversal vulnerability in the AlphaUserPoints comalphauserpoints component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the view parameter to index.php. id: CVE-2010-1476 info: name: Joomla! Componen...

Joomla! Component Advertising 0.25 - Local File Inclusion

A directory traversal vulnerability in the Advertising comadvertising component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1473 info: name: Joomla! Component...

Joomla! Component Web TV 1.0 - Local File Inclusion

A directory traversal vulnerability in the Web TV comwebtv component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1470 info: name: Joomla! Component Web TV 1.0 -...

Joomla! Component Juke Box 1.7 - Local File Inclusion

A directory traversal vulnerability in the JOOFORGE Jutebox comjukebox component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1352 info: name: Joomla! Component Juke Box 1.7 - Local File Inclusion...

Joomla! Component News Portal 1.5.x - Local File Inclusion

A directory traversal vulnerability in the iJoomla News Portal comnewsportal component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1312 info: name: Joomla! Component News Portal 1.5.x - Local File...

Joomla! Component SVMap 1.1.1 - Local File Inclusion

A directory traversal vulnerability in the SVMap comsvmap component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1308 info: name: Joomla! Component SVMap 1.1.1 - Local File Inclusion author: daffainfo...

Joomla! Component com_janews - Local File Inclusion

A directory traversal vulnerability in the JA News comjanews component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1219 info: name: Joomla! Component comjanews - Local File Inclusion author: daffainf...

OpenEMR 4.1 - Local File Inclusion

Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the formname parameter to 1 contrib/acog/printform.php; or 2 loadform.php, 3 viewform.php, or 4 trendform.php in interface/patientfile/encounter. id:...

WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)

A directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F encoded dot dot sequences in the url parameter. id: CVE-2011-1669 info: name: WP Custom Pages 0.5.0.1 - Local File Inclusion LFI...