BIQS IT Biqs-drive v1.83 Local File Inclusion

A local file inclusion vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user. id: CVE-2021-394...

Biqs It Biqs-drive Local File Inclusion Vulnerability

Biqs It Biqs-drive is an online driving school software from the Belgian company Biqs It. BIQS IT Biqs-drive v1.83 and below is vulnerable to a local file inclusion vulnerability, which could be exploited by attackers to read arbitrary files from the server using the privileges of the configured...

Remote file inclusion

A local file inclusion LFI vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user...

CVE-2021-39433

BIQS IT Biqs-drive v1.83 and earlier is affected by a Local File Inclusion (LFI) vulnerability in the file parameter used by download/index.php, allowing an attacker to read arbitrary server files with web-user privileges. The issue is confirmed across multiple sources (CVE-2021-39433 entries and...