Lucene search
K

1232 matches found

CVE
CVE
added 2020/02/11 5:41 p.m.56 views

CVE-2013-2057

YaBB through 2.5.2 is affected by a Local File Include vulnerability caused by the 'guestlanguage' cookie parameter, enabling inclusion of local files due to improper handling of the cookie value. Affected product/component: YaBB (web forum) up to version 2.5.2. Root cause: unsanitized cookie par...

9.8CVSS9.3AI score0.02137EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2020/02/04 3:15 p.m.26 views

CVE-2013-2678

Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submittype parameter...

8.1CVSS8.2AI score0.16873EPSS
Exploits5References4
Cvelist
Cvelist
added 2020/02/04 2:15 p.m.24 views

CVE-2013-2678

Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submittype parameter...

8.2AI score0.16873EPSS
Exploits5References4
CVE
CVE
added 2020/02/04 2:15 p.m.169 views

CVE-2013-2678

CVE-2013-2678 affects Cisco Linksys E4200 devices running firmware 1.0.05 Build 7. The Local File Include vulnerability in the apply.cgi script (submit_type parameter) could allow remote attackers to obtain sensitive information or execute arbitrary code. Public references describe XSS/LFI vector...

8.1CVSS8.1AI score0.16873EPSS
In wildExploits5References4Affected Software1
NVD
NVD
added 2020/01/28 9:15 p.m.26 views

CVE-2013-3212

vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code...

8.1CVSS8.2AI score0.07543EPSS
Exploits5References3
Prion
Prion
added 2020/01/28 9:15 p.m.37 views

Code injection

vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code...

6.8CVSS7.3AI score0.07543EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2020/01/28 8:23 p.m.21 views

CVE-2013-3212

vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code...

8.2AI score0.07543EPSS
Exploits5References3
CVE
CVE
added 2020/01/28 8:23 p.m.91 views

CVE-2013-3212

CVE-2013-3212 affects vtiger CRM <= 5.4.0. Affected component: SOAP-based customerportal.php with two Local File Inclusion vulnerabilities in get_list_values and get_project_components. Root cause: input in the module parameter is not properly validated, leading to require_once of untrusted lo...

8.1CVSS8.5AI score0.07543EPSS
Exploits5References3Affected Software1
NVD
NVD
added 2020/01/09 10:15 p.m.34 views

CVE-2012-2950

Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information...

9.3CVSS8.2AI score0.02395EPSS
Exploits0References2
Prion
Prion
added 2020/01/09 10:15 p.m.28 views

Design/Logic Flaw

Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information...

9.3CVSS7.5AI score0.02395EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/01/09 9:8 p.m.31 views

CVE-2012-2950

Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information...

8.2AI score0.02395EPSS
Exploits0References2
CVE
CVE
added 2020/01/09 9:8 p.m.122 views

CVE-2012-2950

CVE-2012-2950 affects Gateway Geomatics MapServer for Windows (MS4W). The vulnerability is a Local File Inclusion in the bundled Apache/PHP configuration that allows remote attackers to view arbitrary files and execute PHP code with SYSTEM privileges. Affected releases are the MS4W packages up to...

9.3CVSS8.1AI score0.02395EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/12/03 12:0 a.m.3 views

PHP-Proxy Weak Encryption Vulnerability

PHP-Proxy is a web-based proxy script featuring fast, easy customization and the ability to provide support for complex websites such as YouTube and Facebook. A weak encryption vulnerability in the strrotpass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy versions 5.1.0 and...

7.5CVSS6.6AI score0.01132EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2018/03/20 12:0 a.m.37 views

Intelbras Telefone IP TIP200 LITE Local File Disclosure

Exploit Title: INTELBRAS TELEFONE IP TIP200/200 LITE Local File Include Google Dork: Date: 16/03/2018 Exploit Author: Matheus Goncalves - anhax0r Vendor Homepage: https://www.facebook.com/anhaxteam/ Software Link: Version: 60.0.75.29 REQUIRED Tested on: Debian CVE : if applicable Remember that yo...

7.1AI score
Exploits0
NVD
NVD
added 2018/03/14 7:29 p.m.23 views

CVE-2018-8712

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data...

9.8CVSS8.9AI score0.01828EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/03/14 7:29 p.m.5 views

CVE-2018-8712

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data...

9.8CVSS5.7AI score0.01828EPSS
Exploits0References3
OSV
OSV
added 2018/03/14 7:29 p.m.30 views

CVE-2018-8712

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data...

9.8CVSS6.6AI score
Exploits0References1
CVE
CVE
added 2018/03/14 7:0 p.m.101 views

CVE-2018-8712

Webmin 1.840/1.880 expose a Local File Inclusion flaw due to weak default config: enabling "Can view any file as a log file" lets non-privileged users read sensitive local files (e.g., /etc/shadow) via GET /syslog/save_log.cgi?view=1&file=/etc/shadow. Root cause: default settings grant access to ...

9.8CVSS8.8AI score0.01828EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/14 7:0 p.m.31 views

CVE-2018-8712

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data...

9AI score0.01828EPSS
Exploits0References1
0day.today
0day.today
added 2017/01/23 12:0 a.m.35 views

Chromebackdoor graniet v3.0 web panel Multi Vulnerability

Exploit for php platform in category web applications Exploit Title: botnet graniet chrome backdoor v3.0 web panel multi vulnerability Date: 10-1-2017 Exploit Author: alqnas eslam Vendor Homepage:fb.com/alqnas4 Software Link:https://github.com/graniet/chromebackdoor Tested on:any os 1- cross site...

7.1AI score
Exploits0
Rows per page
Query Builder