Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

lfi vulnerabilities and exploits

(subscribe to this query)

6.5
CVE-2022-37191
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using [function] parameter value as LFI payload....
Cuppacms Cuppacms 1.0
9.8
CVSSv3
CVE-2022-23167
Attacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED....
Amodat Amodat
9.8
CVSSv3
CVE-2022-26646
Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter....
Banking System Project Banking System 1.0
9.8
CVSSv3
CVE-2022-23166
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : [here is the...
Sysaid Sysaid
7.2
CVSSv3
CVE-2022-29447
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress....
Wow-company Hover Effects
7.5
CVE-2023-6020
LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication. ...
Ray Project Ray -
9.8
CVSSv3
CVE-2019-16246
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution....
Intesync Solismed 3.3
7.5
CVE-2023-37601
Office Suite Premium v10.9.1.42602 was discovered to contain a local file inclusion (LFI) vulnerability via the component /etc/hosts....
Mobisystems Office Suite 10.9.1.42602
7.5
CVE-2023-6021
LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. ...
Ray Project Ray -
7.2
CVSSv3
CVE-2022-29446
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress....
Wow-company Counter Box
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XSSCVE-2023-48314CVE-2023-6376CVE-2023-46384arbitrary codeCVE-2023-42917CVE-2023-48842CVE-2023-42916firewall
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook