Showing 1 - 25 of 4,038

File Inclusion Files

openSIS 7.4 Unauthenticated PHP Code Execution: Posted Jul 6, 2020; Authored by EgiX | Site metasploit.com; This Metasploit module exploits multiple vulnerabilities in openSIS 7.4 and prior versions which could be abused by unauthenticated attackers to execute arbitrary PHP code with the permissions of the webserver. The exploit chain abuses an incorrect access control issue which allows access to scripts which should require the user to be authenticated, and a local file inclusion to reach a SQL injection vulnerability which results in execution of arbitrary PHP code due to an unsafe use of the eval() function.; tags | exploit, arbitrary, local, php, vulnerability, sql injection, file inclusion; advisories | CVE-2020-13381, CVE-2020-13382, CVE-2020-13383; MD5 | 07a638401a07dae3fe0cc15b5a196965; Download | Favorite | View

openSIS 7.4 Local File Inclusion: Posted Jun 30, 2020; Authored by EgiX | Site karmainsecurity.com; openSIS versions 7.4 and below suffer from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; advisories | CVE-2020-13383; MD5 | 34773fe08298e4f70971b2ca475bfba4; Download | Favorite | View

FHEM 6.0 Local File Inclusion: Posted Jun 25, 2020; Authored by Emre OVUNC; FHEM version 6.0 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; MD5 | 35ad551f0a301429cff04952d64edc5e; Download | Favorite | View

Odoo 12.0 Local File Inclusion: Posted Jun 22, 2020; Authored by Emre OVUNC; Odoo version 12.0 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; MD5 | ef259aea09b43ebfc94e8efe879074f2; Download | Favorite | View

OpenCTI 3.3.1 Cross Site Scripting / Directory Traversal: Posted Jun 18, 2020; Authored by Raif Berkay Dincel; OpenCTI version 3.3.1 suffers from cross site scripting and directory traversal vulnerabilities.; tags | exploit, vulnerability, xss, file inclusion; MD5 | 01e5582f9668a47e3707a7ac7a906c85; Download | Favorite | View

MJML 4.6.2 Path Traversal: Posted Jun 16, 2020; Authored by Julien Ahrens | Site rcesecurity.com; MJML versions 4.6.2 and below suffer from a path traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2020-12827; MD5 | a0a3f891f47c7b51f226844efd20e946; Download | Favorite | View

Bludit 3.9.12 Directory Traversal: Posted Jun 9, 2020; Authored by Luis Vacacas; Bludit version 3.9.12 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2019-16113; MD5 | 58e30747011aa13fe7bddb3f9412d0d7; Download | Favorite | View

Navigate CMS 2.8.7 Directory Traversal: Posted Jun 4, 2020; Authored by Gus Ralph; Navigate CMS version 2.8.7 suffers from an authenticated directory traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2020-13795; MD5 | e422428b73acd01b8faae4427b9bcb16; Download | Favorite | View

Booked Scheduler 2.7.7 Directory Traversal: Posted May 6, 2020; Authored by Besim Altinok, Ismail Bozkurt; Booked Scheduler version 2.7.7 suffers from an authenticated directory traversal vulnerability.; tags | exploit, file inclusion; MD5 | a4735a7d21fe839b802938d376f307c3; Download | Favorite | View

SimplePHPGal 0.7 Remote File Inclusion: Posted May 5, 2020; Authored by h4shur; SimplePHPGal version 0.7 suffers from a remote file inclusion vulnerability.; tags | exploit, remote, code execution, file inclusion; MD5 | 69eb6230d589074cf1c0543f754f010b; Download | Favorite | View

BoltWire 6.03 Local File Inclusion: Posted May 4, 2020; Authored by Andrey Stoykov; BoltWire version 6.03 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; MD5 | 4592e504295e563f4cf421c3c26ba239; Download | Favorite | View

Gigamon GigaVUE 5.5.01.11 Directory Traversal / File Upload: Posted Apr 29, 2020; Authored by Balazs Hambalko; Gigamon GigaVUE version 5.5.01.11 suffers from directory traversal and file upload with command execution vulnerabilities. Gigamon has chosen to sunset this product and not offer a patch.; tags | exploit, vulnerability, file inclusion, file upload; advisories | CVE-2020-12251, CVE-2020-12252; MD5 | 0fcc796a695117342acf0f72ae2515de; Download | Favorite | View

Zen Load Balancer 3.10.1 Directory Traversal: Posted Apr 23, 2020; Authored by Dhiraj Mishra, Basim Alabdullah | Site metasploit.com; This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer version 3.10.1. The flaw exists in index.cgi not properly handling the filelog= parameter which allows a malicious actor to load arbitrary file path.; tags | exploit, arbitrary, cgi, file inclusion; MD5 | 098e961d63357b612d0c1f8c93294ae0; Download | Favorite | View

QRadar Community Edition 7.3.1.6 Path Traversal: Posted Apr 21, 2020; Authored by Yorick Koster, Securify B.V.; QRadar Community Edition version 7.3.1.6 has a path traversal that exists in the session validation functionality. In particular, the vulnerability is present in the part that handles session tokens (UUIDs). QRadar fails to validate if the user-supplied token is in the correct format. Using path traversal it is possible for authenticated users to impersonate other users, and also to executed arbitrary code (via Java deserialization). The code will be executed with the privileges of the Tomcat system user.; tags | exploit, java, arbitrary, file inclusion; MD5 | 6cb180e7e16b46cc6581407a5507d0a0; Download | Favorite | View

QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation: Posted Apr 21, 2020; Authored by Yorick Koster, Securify B.V.; QRadar Community Edition version 7.3.1.6 is vulnerable to instantiation of arbitrary objects based on user-supplied input. An authenticated attacker can abuse this to perform various types of attacks including server-side request forgery and (potentially) arbitrary execution of code.; tags | exploit, arbitrary, file inclusion; advisories | CVE-2020-4272; MD5 | f813c8f629536b1985d46109b98d02f8; Download | Favorite | View

TVT NVMS 1000 Directory Traversal: Posted Apr 13, 2020; Authored by Mohin Paramasivam; TVT NVMS 1000 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2019-20085; MD5 | 801d83449f54d4e39592e24a359a856d; Download | Favorite | View

WordPress Media Library Assistant 2.81 Local File Inclusion: Posted Apr 13, 2020; Authored by Daniel Monzon; WordPress Media Library Assistant plugin version 2.81 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; MD5 | b31e7279051191481d8919615b301f40; Download | Favorite | View

Zen Load Balancer 3.10.1 Directory Traversal: Posted Apr 10, 2020; Authored by Basim Alabdullah; Zen Load Balancer version 3.10.1 suffers from a directory traversal vulnerability. This finding was originally discovered by Cody Sixteen.; tags | exploit, file inclusion; MD5 | 4eab1f70983bec64bb7c6a94d06cf884; Download | Favorite | View

LimeSurvey 4.1.11 Path Traversal: Posted Apr 3, 2020; Authored by Matthew Aberegg, Michael Burkey; LimeSurvey version 4.1.11 suffers from a File Manager path traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2020-11455; MD5 | 15a17460c92285cb9514da2991c14b64; Download | Favorite | View

Joomla Fabrik 3.9.11 Directory Traversal: Posted Mar 30, 2020; Authored by qw3rTyTy; Joomla Fabrik component version 3.9.11 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; MD5 | ca6510d47275441b8241ea7c2bb9e5e7; Download | Favorite | View

Jinfornet Jreport 15.6 Directory Traversal: Posted Mar 27, 2020; Authored by hongphukt; Jinfornet Jreport version 15.6 suffers from an unauthenticated directory traversal vulnerability.; tags | exploit, file inclusion; MD5 | aa0b75959e528f9f28ec3bdf8df57c76; Download | Favorite | View

FIBARO System Home Center 5.021 Remote File Inclusion / XSS: Posted Mar 23, 2020; Authored by LiquidWorm | Site zeroscience.mk; FIBARO System Home Center version 5.021 suffers from cross site scripting and remote file inclusion vulnerabilities.; tags | exploit, remote, vulnerability, xss, file inclusion; MD5 | 3f7f7703a1c9d1be0e5090ceeb7c714c; Download | Favorite | View

PHPKB Multi-Language 9 Authenticated Directory Traversal: Posted Mar 16, 2020; Authored by Antonio Cannito; PHPKB Multi-Language 9 suffers from an authenticated directory traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2020-10387; MD5 | aba62435c30641b2f7f83973ae012c79; Download | Favorite | View

Horde Groupware Webmail Edition 5.2.22 PHP File Inclusion: Posted Mar 12, 2020; Authored by Andrea Cardaci; Horde Groupware Webmail Edition version 5.2.22 suffers from a PHP file inclusion vulnerability.; tags | exploit, php, file inclusion; advisories | CVE-2020-8865, CVE-2020-8866; MD5 | d2b595c8544f4d3d4cd3488e79c4933d; Download | Favorite | View

Apache Tomcat AJP Ghostcat File Read / Inclusion: Posted Feb 26, 2020; Authored by ydhcui; Apache Tomcat AJP Ghostcat file read and inclusion exploit.; tags | exploit, file inclusion; advisories | CVE-2020-10487; MD5 | 28027f46fb9f230fd41b684c0e835073; Download | Favorite | View

Page 1 of 162 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 171 files
Ubuntu 41 files
Gentoo 23 files
Emre OVUNC 5 files
Saeed reza Zamanian 5 files
Paras Bhatia 5 files
EgiX 4 files
Isha Gupta 3 files
BKpatron 3 files
s1l3nt78 3 files

File Archives

Systems

AIX (417)
Apple (1,729)
BSD (367)
Cisco (1,890)
Debian (5,944)
Fedora (1,688)
FreeBSD (1,240)
Gentoo (3,852)
HPUX (871)
iOS (265)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (37,897)
Mac OS X (668)
Mandriva (3,105)
NetBSD (255)
OpenBSD (471)
RedHat (8,769)
Slackware (941)
Solaris (1,591)
SUSE (1,444)
Ubuntu (6,730)
UNIX (8,679)
UnixWare (178)
Windows (5,652)
Other

File Inclusion Files

File Archive:

July 2020

Top Authors In Last 30 Days

File Tags

File Archives

Systems