Vulmon Recent Vulnerabilities Trends Blog About Contact

local file inclusion vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv2
CVE-2006-5426
PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter....
7.5
CVSSv2
CVE-2007-0860
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) TEMPLATE_DIR parameter to (a) showinvoices.php, (b) showmonth.php, (c) showevents.php, (d)...
7.5
CVSSv2
CVE-2009-0966
PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences....
7.5
CVSSv2
CVE-2009-2263
Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by...
4
CVSSv2
CVE-2018-18863
NGA ResourceLink 20.0.2.1 allows local file inclusion....
6.5
CVSSv2
CVE-2012-1496
Local file inclusion in WebCalendar before 1.2.5....
5
CVSSv2
CVE-2015-1000012
Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin...
7.5
CVSSv2
CVE-2010-4239
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion...
5
CVSSv2
CVE-2013-2227
GLPI 0.83.7 has Local File Inclusion in common.tabs.php....
4
CVSSv2
CVE-2016-6435
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-25175template injectionspoofCVE-2021-21251physicalCVE-2020-28482CVE-2021-1682CVE-2021-0208CVE-2021-3113