Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

lfi vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2022-37191
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using [function] parameter value as LFI payload....
Cuppacms Cuppacms 1.0
7.5
CVSSv2
CVE-2022-23167
Attacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED....
Amodat Amodat
4
CVSSv2
CVE-2022-29448
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress....
Wow-estore Herd Effects
10
CVSSv2
CVE-2022-23166
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the...
Sysaid Sysaid
7.5
CVSSv2
CVE-2022-26646
Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter....
Banking System Project Banking System 1.0
NA
CVE-2023-37601
Office Suite Premium v10.9.1.42602 was discovered to contain a local file inclusion (LFI) vulnerability via the component /etc/hosts....
Mobisystems Office Suite 10.9.1.42602
4
CVSSv2
CVE-2022-29447
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress....
Wow-company Hover Effects
7.5
CVSSv2
CVE-2019-16246
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution....
Intesync Solismed 3.3
4
CVSSv2
CVE-2022-29446
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress....
Wow-company Counter Box
6.5
CVSSv2
CVE-2022-29445
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress....
Wow-estore Popup Box
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
seacmsCVE-2023-28393remote code executionauthentication bypassopen redirectacymailingCVE-2023-43339CVE-2023-3664openstackpopup builderCVE-2023-21987CVE-2023-21991CVE-2023-3550
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook