Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
lfi vulnerabilities and exploits
(subscribe to this query)
6.5
CVE-2022-37191
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using [function] parameter value as LFI payload....
Cuppacms Cuppacms 1.0
1 Github repository available
9.8
CVSSv3
CVE-2022-23167
Attacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED....
Amodat Amodat
9.8
CVSSv3
CVE-2022-23166
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the...
Sysaid Sysaid
9.8
CVSSv3
CVE-2022-26646
Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter....
Banking System Project Banking System 1.0
7.2
CVSSv3
CVE-2022-29447
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress....
Wow-company Hover Effects
9.8
CVSSv3
CVE-2019-16246
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution....
Intesync Solismed 3.3
4.9
CVSSv3
CVE-2022-29448
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress....
Wow-estore Herd Effects
7.2
CVSSv3
CVE-2022-29446
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress....
Wow-company Counter Box
7.2
CVSSv3
CVE-2022-29445
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Popup Box plugin <= 2.1.2 at WordPress....
Wow-estore Popup Box
5.3
CVSSv3
CVE-2021-26031
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI....
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48285
CVE-2023-23621
bypass
CVE-2019-25053
file inclusion
CVE-2023-24055
logic flaw
CVE-2023-23560
CVE-2022-48012
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »