Lucene search
8834 matches found

OSV
added 2023/10/16 8:15 p.m. · 3 views

CVE-2023-3279

The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks...

4.9 CVSS · 5.8 AI score · 0.00787 EPSS
Exploits: 2 · References: 1
Zero Day Initiative
added 2023/10/04 12:00 a.m. · 27 views

Cacti link Local File Inclusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cacti. Authentication is required to exploit this vulnerability. The specific flaw exists within the link endpoint. The issue results from the lack of proper validation of data retrieved from the...

6.6 CVSS · 7 AI score · 0.00857 EPSS
Exploits: 1 · References: 1
Positive Technologies
added 2023/09/16 12:00 a.m. · 4 views

PT-2023-31501 · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS versions up to 5.7.100 Description: A critical issue has been found in DedeCMS, affecting an unknown functionality of the file /include/dialog/select templets post.php. The manipulation of the activepath argument leads to absolute pat...

8.8 CVSS · 5.9 AI score · 0.00705 EPSS
Exploits: 0 · References: 6
RedHat Linux
added 2023/09/12 10:15 a.m. · 29 views

librsvg: Arbitrary file read when xinclude href has special characters

A directory traversal vulnerability was discovered in the URL decoder of Librsvg. This issue occurs when xinclude href has special characters; demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element, which can allow an attacker to send a specially crafted URL...

5.5 CVSS · 5.9 AI score · 0.02132 EPSS
Exploits: 1 · References: 4
BDU FSTEC
added 2023/09/11 12:00 a.m. · 2 views

The vulnerability of the XInclude mechanism for combining XML documents in the librsvg visualization library allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the XInclude mechanism for combining XML documents in the librsvg vector graphics rendering library is related to an incorrect restriction on the path name to the restricted directory during the processing of the xi:include element. Exploiting this vulnerability could allow a...

5.5 CVSS · 6.3 AI score · 0.02132 EPSS
Exploits: 1 · References: 18 · Affected Software: 8
OSV
added 2023/09/08 3:30 p.m. · 2 views

GHSA-X2JC-989C-47Q4 Hexo `include_code` has a path traversal

Hexo up to v7.1.1 was discovered to contain an arbitrary file read vulnerability...

7.5 CVSS · 7.6 AI score · 0.32397 EPSS
Exploits: 0 · References: 7
RedHat Linux
added 2023/08/28 1:05 p.m. · 3 views

libxml2: Incorrect server side include parsing can lead to XSS

A cross-site scripting (XSS) vulnerability was found in libxml2. A specially crafted input, when serialized and re-parsed by the libxml2 library, will result in a document with element attributes that did not exist in the original document...

6.1 CVSS · 7.1 AI score · 0.00749 EPSS
Exploits: 1 · References: 4
Zero Day Initiative
added 2023/08/21 12:00 a.m. · 36 views

Advantech R-SeeNet device_status Local File Inclusion Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the devicestatus page. The issue results from the lack of proper validation of user-supplied...

8.8 CVSS · 6.8 AI score · 0.00652 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2023/08/11 12:00 a.m. · 9 views

PT-2023-24910

Name of the Vulnerable Software and Affected Versions: Canto plugin for WordPress versions up to, and including, 3.0.4 Description: The Canto plugin for WordPress is vulnerable to Remote File Inclusion via the wp abspath parameter. This allows unauthenticated attackers to include and execute...

9.8 CVSS · 9.4 AI score · 0.0562 EPSS
Exploits: 7 · References: 16
BDU FSTEC
added 2023/08/11 12:00 a.m. · 3 views

The vulnerability of the Cockpit server management system arises from improper handling of file names for PHP `include` or `require` functions, allowing an attacker to execute arbitrary code.

The vulnerability of the Cockpit server management system is related to incorrect handling of file names for PHP functions like include or require. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9.9 CVSS · 8.1 AI score · 0.00787 EPSS
Exploits: 1 · References: 4 · Affected Software: 1
CNNVD
added 2023/08/10 12:00 a.m. · 3 views

PHPJabbers Callback Widget Cross-Site Scripting Vulnerability

PHPJabbers Callback Widget is a simple PHP script that places a discreet callback button on a website. A cross-site scripting vulnerability exists in PHPJabbers Callback Widget version v1.0, which stems from cross-site scripting (XSS) in the value-enum-obfincludetimezone parameter of ndex.php...

5.4 CVSS · 6 AI score · 0.00363 EPSS
Exploits: 0 · References: 3
OSV
added 2023/08/01 11:43 a.m. · 7 views

USN-6266-1 librsvg vulnerability

Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element...

5.5 CVSS · 6.5 AI score · 0.02132 EPSS
Exploits: 1 · References: 2
Ubuntu
added 2023/08/01 11:43 a.m. · 47 views

USN-6266-1: librsvg vulnerability

Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element...

5.5 CVSS · 6.5 AI score · 0.02132 EPSS
Exploits: 1
SUSE CVE
added 2023/07/23 2:08 a.m. · 2 views

SUSE CVE-2023-38633

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem outside of the expected area, as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element...

7.5 CVSS · 8.5 AI score · 0.02132 EPSS
Exploits: 1 · References: 5
ATTACKERKB
added 2023/07/22 5:15 p.m. · 2 views

CVE-2023-38633

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem outside of the expected area, as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element...

5.5 CVSS · 6.4 AI score · 0.02132 EPSS
Exploits: 1 · References: 15
OSV
added 2023/07/22 5:15 p.m. · 0 views

UBUNTU-CVE-2023-38633

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem outside of the expected area, as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element...

5.5 CVSS · 6.3 AI score · 0.02132 EPSS
Exploits: 1 · References: 4
CNNVD
added 2023/07/18 12:00 a.m. · 2 views

WordPress Plugin wp-donate SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin wp-donate...

9.8 CVSS · 7.2 AI score · 0.00866 EPSS
Exploits: 0 · References: 4
Positive Technologies
added 2023/07/11 12:00 a.m. · 2 views

PT-2023-4918 · Librsvg +8

Name of the Vulnerable Software and Affected Versions: librsvg versions prior to 2.56.3 Description: The issue is related to a directory traversal problem in the URL decoder of librsvg. This problem can be exploited by local or remote attackers to disclose files on the local filesystem outside of...

5.5 CVSS · 8.6 AI score · 0.02132 EPSS
Exploits: 1 · References: 99
Prion
added 2023/07/04 8:15 a.m. · 22 views

Code injection

The ND Shortcodes WordPress plugin before 7.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...

6.5 CVSS · 8.5 AI score · 0.01668 EPSS
Exploits: 2 · References: 1 · Affected Software: 1
RedHat Linux
added 2023/06/29 8:07 p.m. · 6 views

CXF: SSRF Vulnerability

An SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF-style attacks on web services that take at least one parameter of any type...

9.8 CVSS · 6.8 AI score · 0.0193 EPSS
Exploits: 5 · References: 5