Total
203 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24985 | 1 Quadbase | 1 Espressdashboard | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
|
An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute external files or payloads.
|
|||||
| CVE-2020-22474 | 1 Weberp | 1 Weberp | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
In webERP 4.15, the ManualContents.php file allows users to specify the "Language" parameter, which can lead to local file inclusion.
|
|||||
| CVE-2020-16152 | 1 Extremenetworks | 1 Aerohive Netconfig | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file.
|
|||||
| CVE-2020-13977 | 2 Fedoraproject, Nagios | 2 Fedora, Nagios | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been mistakenly associated with CVE-2020-1408.
|
|||||
| CVE-2020-13651 | 1 Digdash | 1 Digdash | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a client to obtain the right Java application. By providing an attacker-controlled URL, the client will obtain a rogue JNLP file specifying the installation of malicious JAR archives and executed with full privileges on the client computer.
|
|||||
| CVE-2020-13175 | 1 Teradici | 2 Cloud Access Connector, Cloud Access Connector Legacy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.
|
|||||
| CVE-2020-10865 | 2 Avast, Microsoft | 2 Antivirus, Windows | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.
|
|||||
| CVE-2019-9829 | 1 Maccms | 1 Maccms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates.
|
|||||
| CVE-2019-8154 | 1 Magento | 1 Magento | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to modify product catalogs can trigger PHP file inclusion through a crafted XML file that specifies product design update.
|
|||||
| CVE-2019-5479 | 1 Larvit | 1 Larvitbase | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file).
|
|||||
| CVE-2019-4263 | 1 Ibm | 1 Content Navigator | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. IBM X-Force ID: 160015.
|
|||||
| CVE-2019-16951 | 1 Enghouse | 1 Web Chat | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A remote file include (RFI) issue was discovered in Enghouse Web Chat 6.2.284.34. One can replace the localhost attribute with one's own domain name. When the product calls this domain after the POST request is sent, it retrieves an attacker's data and displays it. Also worth mentioning is the amount of information sent in the request from this product to the attacker: it reveals information the public should not have. This includes pathnames and internal ip addresses.
|
|||||
| CVE-2019-13589 | 1 Anjlab | 1 Paranoid2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.1.5.
|
|||||
| CVE-2019-11770 | 1 Eclipse | 1 Buildship | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is resolving dependencies over HTTP instead of HTTPS. Any of these artifacts could have been MITM to maliciously compromise them and infect the build artifacts that were produced. Additionally, if any of these JARs or other dependencies were compromised, any developers using these could continue to be infected past updating to fix this.
|
|||||
| CVE-2019-11591 | 1 Web-dorado | 1 Contact Form | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
The WebDorado Contact Form plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized.
|
|||||
| CVE-2019-11590 | 1 10web | 1 Form Maker | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
The 10Web Form Maker plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized.
|
|||||
| CVE-2019-10666 | 1 Librenms | 1 Librenms | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include() function on user supplied input without sanitizing the values by calling basename() or a similar function. An attacker can leverage this to execute PHP code from the included file. Exploitation of these scripts is made difficult by additional text being appended (typically .inc.php), which means an attacker would need to be able to control both a filename and its content on ...
Show More |
|||||
| CVE-2019-10249 | 1 Eclipse | 2 Xtend, Xtext | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised.
|
|||||
| CVE-2019-10248 | 1 Eclipse | 1 Vorto | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of Vorto might be infected.
|
|||||
| CVE-2019-10240 | 1 Eclipse | 1 Hawkbit | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected.
|
|||||
| CVE-2018-8351 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.
|
|||||
| CVE-2018-7422 | 1 Siteeditor | 1 Site Editor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.
|
|||||
| CVE-2018-1122 | 3 Canonical, Debian, Procps-ng Project | 3 Ubuntu Linux, Debian Linux, Procps-ng | 2024-11-21 | 4.4 MEDIUM | 7.3 HIGH |
|
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function.
|
|||||
| CVE-2018-18387 | 1 Playsms Project | 1 Playsms | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse.
|
|||||
| CVE-2018-17246 | 2 Elastic, Redhat | 2 Kibana, Openshift Container Platform | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
|
|||||
| CVE-2018-15486 | 1 Kone | 2 Group Controller, Group Controller Firmware | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02.
|
|||||
| CVE-2018-12120 | 1 Nodejs | 1 Node.js | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as `node --debug=localhost`. The debugger was removed in Node. ...
Show More |
|||||
| CVE-2018-11040 | 3 Debian, Oracle, Vmware | 28 Debian Linux, Agile Product Lifecycle Management, Application Testing Suite and 25 more | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. Both are not enabled by default in Spring Framework nor Spring Boot, however, when MappingJackson2JsonView is configured in an application, JSONP support is automatically ready to use through the " ...
Show More |
|||||
| CVE-2018-1000502 | 1 Mybb | 1 Mybb | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel (Tools and Maintenance -> Task Manager -> Add New Task) that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have access to admin panel. This vulnerability appears to have been fixed in 1.8.15.
|
|||||
| CVE-2017-5397 | 1 Mozilla | 1 Firefox | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to replace files used by Firefox with their own versions. This vulnerability affects Firefox < 51.0.3.
|
|||||
| CVE-2017-14095 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system.
|
|||||
| CVE-2013-4582 | 1 Gitlab | 2 Gitlab, Gitlab-shell | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface.
|
|||||
| CVE-2013-3321 | 1 Netapp | 1 Oncommand System Manager | 2024-11-21 | 6.0 MEDIUM | 7.5 HIGH |
|
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
|
|||||
| CVE-2013-1945 | 1 Ruby-lang | 1 Ruby193 | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
ruby193 uses an insecure LD_LIBRARY_PATH setting.
|
|||||
| CVE-2012-4919 | 1 Gallery Project | 1 Gallery | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability
|
|||||
| CVE-2024-48336 | 2024-11-04 | N/A | 8.4 HIGH | ||
|
The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does not verify the GMS app before loading it, which allows a local untrusted app with no additional privileges to silently execute arbitrary code in the Magisk app and escalate privileges to root via a crafted package, aka Bug #8279. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-50497 | 1 Buynowdepot | 1 Advanced Online Ordering And Delivery Platform | 2024-10-31 | N/A | 9.8 CRITICAL |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuyNowDepot Advanced Online Ordering and Delivery Platform allows PHP Local File Inclusion.This issue affects Advanced Online Ordering and Delivery Platform: from n/a through 2.0.0.
|
|||||
| CVE-2024-49243 | 1 Jonvincentmendoza | 1 Dynamic Elementor Addons | 2024-10-22 | N/A | 8.8 HIGH |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0.
|
|||||
| CVE-2022-49038 | 1 Synology | 1 Drive Client | 2024-10-08 | N/A | 7.8 HIGH |
|
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2024-45416 | 2024-09-20 | N/A | 8.1 HIGH | ||
|
The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in session_init function. The session -LUA- files are stored in the directory /var/lua_session, the function iterates on all files in this directory and executes them using the function dofile without any validation if it is a valid session file or not. An attacker who is able to write a malicious file in the sessions directory can get RCE as root.
|
|||||