Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

lfi vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv2
CVE-2022-23167
Attacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED....
Amodat Amodat
10
CVSSv2
CVE-2022-23166
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the...
Sysaid Sysaid
7.5
CVSSv2
CVE-2022-26646
Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter....
Banking System Project Banking System 1.0
4
CVSSv2
CVE-2022-29448
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress....
Wow-estore Herd Effects
4
CVSSv2
CVE-2022-29447
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress....
Wow-company Hover Effects
7.5
CVSSv2
CVE-2019-16246
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution....
Intesync Solismed 3.3
4
CVSSv2
CVE-2022-29446
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress....
Wow-company Counter Box
6.5
CVSSv2
CVE-2022-29445
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress....
Wow-estore Popup Box
5
CVSSv2
CVE-2021-26031
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI....
5
CVSSv2
CVE-2018-11222
Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint....
Artica Pandora Fms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalationstored XSSCVE-2022-29582CVE-2020-6507CVE-2022-36835CVE-2022-24028CVE-2022-2692CVE-2022-26346man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook