Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lfi vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2022-29446
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress.
Wow-company Counter Box
NA
CVE-2023-37601
Office Suite Premium v10.9.1.42602 exists to contain a local file inclusion (LFI) vulnerability via the component /etc/hosts.
Mobisystems Office Suite 10.9.1.42602
445
VMScore
CVE-2021-26031
An issue exists in Joomla! 3.0.0 up to and including 3.9.25. Inadequate filters on module layout settings could lead to an LFI.
356
VMScore
CVE-2022-29447
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress.
Wow-company Hover Effects
356
VMScore
CVE-2022-29448
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.
Wow-estore Herd Effects
668
VMScore
CVE-2019-16246
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution.
Intesync Solismed 3.3
NA
CVE-2022-34121
Cuppa CMS v1.0 exists to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.
Cuppacms Cuppacms 1.0
NA
CVE-2023-6023
An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifact_path URL parameter.
Vertaai Modeldb -
NA
CVE-2023-1124
The Shopping Cart & eCommerce Store WordPress plugin prior to 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.
Wpeasycart Wp Easycart
445
VMScore
CVE-2018-11222
Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an malicious user to call any php file via the /pandora_console/ajax.php ajax endpoint.
Artica Pandora Fms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »