Yeastar TG400 GSM Gateway version 91.3.0.3 suffers from a path traversal vulnerability.
a467c9ff54325292a1cc919f562ee67f
SolarWinds Serv-U File Server versions through 15.2.1 do not correctly validate path information, allowing the disclosure of files and directories outside of the user's home directory via a specially crafted GET request.
bcff8e686a6d68a1e71f68016c03b076
WordPress Supsystic Backup plugin version 2.3.9 suffers from a local file inclusion vulnerability.
aa7db6fb704f48b330319ce9f9b505e6
WordPress Supsystic Digital Publications plugin version 1.6.9 suffers from cross site scripting, denial of service, and traversal vulnerabilities.
20cf753fe2b0be4cf71a7b33d728cf4f
WordPress versions 5.0.0 and 4.9.8 and below remote code execution exploit that leverages path traversal and file inclusion vulnerabilities.
87ecab4766942bdc35c24a3b4d93d1dd
Home Assistant Community Store (HACS) version 1.10.0 suffers from a path traversal vulnerability that allows for account takeover.
2e4344a9f1aa53aed3bf84cb9d2bc67d
EyesOfNetwork version 5.3 suffers from a local file inclusion vulnerability.
88fd5acc1e0c31de7e01d0c3cfd29bc1
Responsive FileManager version 9.13.4 path traversal exploit. Original discovery of this finding is attributed to farisv in December of 2018.
576b9b1598c826767542e7d40705bbc2
Gotenberg versions 6.2.0 and below suffer from directory traversal, code execution, and insecure permission vulnerabilities.
a91eed6c85bc9e21292b509d9c121d3a
Rocket.Chat suffers from a path traversal vulnerability.
497aca2c2e16a627c295b8a37f6b49a7
This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress Duplicator plugin versions 1.3.24 through 1.3.26, allowing arbitrary file read with the web server privileges. This vulnerability was being actively exploited when it was discovered.
25786101984968ff048b1ccf1294f760
Task Management System version 1.0 suffers from a local file inclusion vulnerability.
34b7e2cf93770d5be340a0dc747d2533
Cisco ASA version 9.14.1.10 and FTD version 6.6.0.1 path traversal exploit. Original discovery of this vulnerability is attributed to 3ndG4me in October of 2020.
7cf23b4f5854a2f296a17705db8fae41
Seacms version 11.1 suffers from a local file inclusion vulnerability.
4f0b0f0a174adaf8dba76ff066184250
Advanced Component System (ACS) version 1.0 suffers from a path traversal vulnerability.
c0df758f96538e1b8ac9689218a081ad
Rukovoditel version 2.6.1 remote code execution exploit that leverages shell upload and local file inclusion vulnerabilities.
e2fa9c797d92a57016481570e269e9e5
Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a remote file inclusion vulnerability by including arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) when adding content though the input URL material of type html. This allows hijacking of the current session of the user, execute cross-site scripting code, or changing the look of the page and content modification on current display.
85b5e3c8c9cb495114ef096e2616e76a
Simple College Website version 1.0 suffers from a local file inclusion vulnerability.
86b49885d775e8eb45bc78ef1e69613a
Car Rental Management System version 1.0 suffers from local file inclusion and remote SQL injection vulnerabilities.
3a68203e8a08bc0b1358a7badb0e67c3
TestBox CFML Test Framework version 4.1.0 suffers from a directory traversal vulnerability.
88450fd3a243fe57d5806f5e6b84c134
Medical Center Portal Management System released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
ebb1a8cb615f15dc9ac1503fc00676dc
Online News Portal versions released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
150d4a01deee247d05bff4f6b2ff5485
SIGE versions 3.4.1 and 3.5.3 Pro suffer from cross site scripting and remote file inclusion vulnerabilities.
288aba0ed822e5b2856245f6549208e1
This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC Netscaler.
d988d9b9c395233084520c1b63a93177
Joomla Simple Image Gallery Extended (SIGE) extension versions 3.4.1-FREE and 3.5.3-PRO suffer from cross site scripting and remote file inclusion vulnerabilities.
57c76870c76473a7da1cad2edd7fa766