Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/09 11:48 a.m.26 views

CVE-2016-20064 WP Vault 0.8.6.6 Local File Inclusion via wpv-image Parameter

WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting an unescaped parameter in the include functionality. Attackers can supply directory traversal sequences through the wpv-image GET parameter to access sensitiv...

6.9CVSS0.00671EPSS
Exploits0References4
CVE
CVE
added 2026/06/09 11:48 a.m.17 views

CVE-2016-20064

CVE-2016-20064 affects WP Vault 0.8.6.6, where an unauthenticated attacker can trigger a local file inclusion via an unescaped wpv-image GET parameter. The vulnerability allows traversal to access sensitive files (e.g., system configuration) due to improper handling in the include function. Accor...

6.9CVSS5.6AI score0.00671EPSS
Exploits0References4
seebug.org
seebug.org
added 2017/04/26 12:0 a.m.21 views

WordPress Plugin WP Vault Local File Inclusion

Description: Type user access: any user. $GET“wpv-image” is not escaped in include file. File / Code: Path: /wp-content/plugins/wp-vault/trunk/wp-vault.php includedirnameFILE . "/images/" . $GET"wpv-image"; if isset$GET"wpvfileid" includedirnameFILE . "/wpv-file-handler.php"; exit; else if...

7AI score
Exploits0
CNVD
CNVD
added 2016/12/01 12:0 a.m.2 views

Wordpress Plugin WP Vault Local File Inclusion Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Wordpress plugin WP Vault '$GET"wpv-image"' there is a local file inclusion vulnerability. Allowing an attacker...

6.3AI score
Exploits0References1
0day.today
0day.today
added 2016/12/01 12:0 a.m.24 views

Wordpress WP Vault 0.8.6.6 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: WP Vault 0.8.6.6 – Plugin WordPress – Local File Inclusion Date: 28/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/wp-vault/ Software Link: https://wordpress.org/plugins/wp-vault/ Contact:...

7.1AI score
Exploits0
WPVulnDB
WPVulnDB
added 2016/11/30 12:0 a.m.13 views

WP Vault 0.8.6.6 - Unauthenticated Local File Inclusion (LFI)

The wp-vault WordPress plugin was affected by an Unauthenticated Local File Inclusion LFI security vulnerability...

2.2AI score
Exploits0References2Affected Software1
Rows per page
Query Builder