4 matches found
CVE-2023-2249
The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of filegetcontents without appropriate verification of the data being supplied to the function...
CVE-2025-25800
CVE-2025-25800 affects SeaCMS 13.3. An arbitrary file read vulnerability exists in the file_get_contents function within admin_safe_file.php. The published descriptions indicate this enables disclosure of sensitive information through unintended file access. Several sources (NVD, Red Hat, CVE lis...
Deserialization of untrusted data
The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of filegetcontents without appropriate verification of the data being supplied to the function...
onArcade 2.4.x Local File Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: onArcade 2.4.x Local File Get Contents Vulnerability Google Dork: inurl:"cup.php?a=all" Date: 23 Mar 2017 Exploit Author: Deyaa Muhammad Author Mail: contact at deyaa.me Exploit Blog:...