Lucene search
K

2593 matches found

Nuclei
Nuclei
added 18 hours ago24 views

Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion

Mirasys DVMS Workstation versions 5.12.6 and prior suffer from local file inclusion vulnerabilities. id: CVE-2018-8727 info: name: Mirasys DVMS Workstation =5.12.7 to mitigate the LFI vulnerability. reference: -...

7.5CVSS7.1AI score0.078EPSS
Exploits5References4
Nuclei
Nuclei
added 18 hours ago55 views

Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion

Zeta Producer Desktop CMS before 14.2.1 is vulnerable to local file inclusion if the plugin "filebrowser" is installed because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal. id: CVE-2018-13980 info: name: Zeta Producer Desktop CMS 14.2.1 - Local File Inclusion author...

5.5CVSS6.8AI score0.06902EPSS
Exploits5References5
Nuclei
Nuclei
added 18 hours ago111 views

Directorist < 7.5.4 - Local File Inclusion

Directorist before 7.5.4 is susceptible to Local File Inclusion as it does not validate the file parameter when importing CSV files. id: CVE-2023-2252 info: name: Directorist 7.5.4 - Local File Inclusion author: r3Y3r53 severity: low description: | Directorist before 7.5.4 is susceptible to Local...

2.7CVSS6.6AI score0.01324EPSS
Exploits2References3
Nuclei
Nuclei
added 18 hours ago75 views

Mlflow <2.3.0 - Local File Inclusion

Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. id: CVE-2023-2356 info: name: Mlflow 2.3.0 - Local File Inclusion author: Co5mos severity: high description: | Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1. impact: | Successful exploitation...

10CVSS7.1AI score0.04153EPSS
Exploits1References5
Nuclei
Nuclei
added 18 hours ago69 views

Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion

A Local File inclusion vulnerability in test.php in spreadsheet-reader 0.5.11 allows remote attackers to include arbitrary files via the File parameter. id: CVE-2023-29887 info: name: Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion author: ctflearner severity: high description: | A Local...

7.5CVSS7.2AI score0.04736EPSS
Exploits1References3
Nuclei
Nuclei
added 18 hours ago51 views

Joomla! Cmimarketplace 0.1 - Local File Inclusion

Joomla! Cmimarketplace 0.1 is susceptible to local file inclusion because comcmimarketplace allows remote attackers to list arbitrary directories via a .. dot dot in the viewit parameter to index.php. id: CVE-2009-1496 info: name: Joomla! Cmimarketplace 0.1 - Local File Inclusion author: daffainf...

5CVSS6.1AI score0.07183EPSS
Exploits1References3
Nuclei
Nuclei
added 18 hours ago143 views

PrestaShop tshirtecommerce - Directory Traversal

The Custom Product Designer tshirtecommerce module for PrestaShop allows HTTP requests to be forged using POST and GET parameters, enabling a remote attacker to perform directory traversal on the system and view the contents of code files. id: CVE-2023-27640 info: name: PrestaShop tshirtecommerce...

7.5CVSS7.2AI score0.03573EPSS
Exploits1References3
Nuclei
Nuclei
added 18 hours ago54 views

Mlflow <2.3.1 - Local File Inclusion Bypass

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. id: CVE-2023-2780 info: name: Mlflow 2.3.1 - Local File Inclusion Bypass author: iamnoooob,pdresearch severity: critical description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1...

9.8CVSS7.2AI score0.06311EPSS
Exploits1References5
Nuclei
Nuclei
added 18 hours ago50 views

ManageEngine Firewall Analyzer <8.0 - Local File Inclusion

ManageEngine Firewall Analyzer before 8.0 is vulnerable to local file inclusion. id: CVE-2015-7780 info: name: ManageEngine Firewall Analyzer 8.0 - Local File Inclusion author: daffainfo severity: medium description: ManageEngine Firewall Analyzer before 8.0 is vulnerable to local file inclusion...

6.5CVSS6.8AI score0.10631EPSS
Exploits0References5
Nuclei
Nuclei
added 18 hours ago113 views

WordPress Slider Revolution - Local File Disclosure

Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734. id:...

5CVSS7.3AI score0.22055EPSS
Exploits5References5
Nuclei
Nuclei
added 18 hours ago75 views

Bonita BPM Portal <6.5.3 - Local File Inclusion

Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. dot dot in the theme parameter and a file path in the location parameter to bonita/portal/themeResource. id: CVE-2015-3897 info: name: Bonita BPM Portal 6.5.3 - Local File Inclusion author: 0xAkoko severity:...

5CVSS6.6AI score0.17681EPSS
Exploits5References5
Nuclei
Nuclei
added 18 hours ago55 views

WordPress MyPixs <=0.3 - Local File Inclusion

WordPress MyPixs 0.3 and prior contains a local file inclusion vulnerability. id: CVE-2015-1000012 info: name: WordPress MyPixs =0.4 or apply the vendor-provided patch to fix the LFI vulnerability. reference: - https://wpscan.com/vulnerability/24b83ce5-e3b8-4262-b087-a2dfec014985 -...

7.5CVSS7.1AI score0.09325EPSS
Exploits2References5
Nuclei
Nuclei
added 18 hours ago77 views

Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion

Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via comimagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. dot dot in the folder parameter to index.php. id: CVE-2008-4668 info: name: Joomla! Image Browser 0.1.5 rc2 - Local...

9CVSS6.2AI score0.21476EPSS
Exploits1References5
Nuclei
Nuclei
added 18 hours ago173 views

CMSimple 3.1 - Local File Inclusion

CMSimple 3.1 is susceptible to local file inclusion via cmsimple/cms.php when registerglobals is enabled which allows remote attackers to include and execute arbitrary local files via a .. dot dot in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including...

6.8CVSS6.3AI score0.18809EPSS
Exploits1References5
Nuclei
Nuclei
added 18 hours ago58 views

WordPress Sniplets 1.1.2 - Local File Inclusion

PHP remote file inclusion vulnerability in modules/syntaxhighlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter. id: CVE-2008-1059 info: name: WordPress Sniplets 1.1.2 - Local File Inclusion autho...

7.5CVSS6.3AI score0.48329EPSS
Exploits2References5
Nuclei
Nuclei
added 18 hours ago72 views

Cisco Unified Communications Manager 7/8/9 - Directory Traversal

A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815 id: CVE-2013-5528 info: name:...

8.1CVSS7.3AI score0.88559EPSS
Exploits22References4
Nuclei
Nuclei
added 18 hours ago175 views

EasySpider 0.6.2 - Arbitrary File Read

A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input...

8.8CVSS5.5AI score0.03333EPSS
Exploits1References6
Nuclei
Nuclei
added 18 hours ago55 views

Joomla! Component com_rokdownloads - Local File Inclusion

A directory traversal vulnerability in the RokDownloads comrokdownloads component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1056 info: name: Joomla! Component comrokdownload...

6.8CVSS6.2AI score0.11414EPSS
Exploits1References5
Nuclei
Nuclei
added 18 hours ago63 views

VMware - Local File Inclusion

VMware Workspace ONE Access, Identity Manager, and Realize Automation are vulnerable to local file inclusion because they contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access withou...

9.8CVSS7.3AI score0.18285EPSS
Exploits1References5
Nuclei
Nuclei
added 18 hours ago35 views

TermTalk Server 3.24.0.2 - Local File Inclusion

TermTalk Server TTServer 3.24.0.2 is vulnerable to file inclusion which allows unauthenticated malicious user to gain access to the files on the remote system by providing the relative path of the file they want to retrieve. id: CVE-2021-35380 info: name: TermTalk Server 3.24.0.2 - Local File...

7.5CVSS7.1AI score0.38954EPSS
Exploits1References5
Rows per page
Query Builder