what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 25 of 4,146

File Inclusion Files

Jupiter / JupiterX Theme Privilege Escalation / LFI / DoS / Access Control Issues

Posted May 18, 2022

Authored by Ramuel Gall | Site wordfence.com

Jupiter Theme versions 6.10.1 and below as well as JupiterX Core plugin versions 2.0.7 and below suffer from privilege escalation and post deletion vulnerabilities. JupiterX Theme versions 2.0.6 and below as well as JupiterX Core versions 2.0.6 and below suffer from plugin deactivation and setting modification flaws. JupiterX Theme versions 2.0.6 and below as well as Jupiter Theme versions 6.10.1 and below suffer from path traversal and local file inclusion vulnerabilities. Jupiter Theme versions 6.10.1 and below suffer from an arbitrary plugin deletion vulnerability. JupiterX Core plugin versions 2.0.6 and below suffer from information disclosure, modification, and denial of service vulnerabilities.

tags | advisory, denial of service, arbitrary, local, vulnerability, file inclusion, info disclosure

advisories | CVE-2022-1654, CVE-2022-1656, CVE-2022-1657, CVE-2022-1658, CVE-2022-1659

SHA-256 | 99977b76ad75b06f3f800ae91ea38ee20b0d9091a394d12146ce6e1c875bc515

Download | Favorite | View

IpMatcher 1.0.4.1 Server-Side Request Forgery

Posted May 16, 2022

Authored by Sick Codes, Kelly Kaoudis

IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors.

tags | exploit, remote, denial of service, local, file inclusion

advisories | CVE-2021-33318

SHA-256 | 98c5f3ee4fded068839fc2a03bbd74be24dce6bd2b2774a8a477b3d476489bb1

Download | Favorite | View

DLINK DAP-1620 A1 1.01 Directory Traversal

Posted May 11, 2022

Authored by Momen Eldawakhly

DLINK DAP-1620 A1 version 1.01 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

advisories | CVE-2021-46381

SHA-256 | afc86a4ac9803168c3b340a707e44de908ed61a99b24127201ce6cfc66f250d0

Download | Favorite | View

Bookeen Notea BK_R_1.0.5_20210608 Directory Traversal

Posted May 11, 2022

Authored by Clement Maillioux

Bookeen Notea version BK_R_1.0.5_20210608 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

advisories | CVE-2021-45783

SHA-256 | b4f8088f63e0dd6deba0af400660ae6e9b5dffa1b7c6532d16deb85373a705e6

Download | Favorite | View

Razer Sila 2.0.418 Local File Inclusion

Posted Apr 11, 2022

Authored by Kevin Randall

Razer Sila versions 2.0.441_api through 2.0.418 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | 6363e3e4801fa8c1578d66fb8a359d85cf16f7ebcee3a51f79ee9dadf54e6098

Download | Favorite | View

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion

Posted Apr 11, 2022

Authored by Momen Eldawakhly

Franklin Fueling Systems Colibri Controller Module version 1.8.19.8580 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

advisories | CVE-2021-46417

SHA-256 | f45a40ee7fe8f2f856deb113c48a0f102823cf6b887757553709163f470b6fe5

Download | Favorite | View

School Club Application System 1.0 Local File Inclusion

Posted Apr 8, 2022

Authored by Hejap Zairy

School Club Application System version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | 17bd0d3cb7cf42228054c107ccf213c2496968d88f3c3985ba246a2b46d81dc6

Download | Favorite | View

CSZCMS 1.3.0 SSRF / LFI / Remote Code Execution

Posted Apr 7, 2022

Authored by Hejap Zairy

CSZCMS version 1.3.0 server-side request forgery exploit that leverages local file inclusion to inject a remote shell.

tags | exploit, remote, shell, local, file inclusion

SHA-256 | 076778f725ea205cb5e59b34e6f765677401b4867ef7f2cfb8b18d6f76bd956a

Download | Favorite | View

FFS Colibri Controller Module 1.8.19.8580 Directory Traversal

Posted Apr 7, 2022

Authored by Momen Eldawakhly

FFS Colibri Controller Module version 1.8.19.8580 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

advisories | CVE-2021-46417

SHA-256 | a87aa8abfd280a35d3fd98a400df1281dc024fd9b3addee9607c290829ef1e64

Download | Favorite | View

Bakery Shop Management System 1.0 Local File Inclusion

Posted Apr 6, 2022

Authored by Hejap Zairy

Bakery Shop Management System version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | aa065ce0f073bd7be709a575b12e3f9e230202ea50104f0f4965d894f8dfebd5

Download | Favorite | View

Barco Control Room Management Suite Directory Traversal

Posted Apr 4, 2022

Authored by Murat Aydemir

Barco Control Room Management Suite versions prior to 2.9 build 0275 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion

advisories | CVE-2022-26233

SHA-256 | b1ec333a285f727f101ec39e59974d8125d1c1f97f298850e6ec2b47b08d879f

Download | Favorite | View

Medical Hub Directory Site 1.0 Local File Inclusion

Posted Mar 30, 2022

Authored by Hejap Zairy

Medical Hub Directory Site version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | cd4822cdfbe0799d9da4d14ad9b06e2c18c4f3f1ea3b9ffdc72ec61ba4ca5ad0

Download | Favorite | View

WordPress Video-Synchro-PDF 1.7.4 Local File Inclusion

Posted Mar 30, 2022

Authored by Hassan Khan Yusufzai

WordPress Video-Synchro-PDF plugin version 1.7.4 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | f94520cb3421369e072051761bcdb9d992081457e9af1fbf068b1e7431481880

Download | Favorite | View

WordPress Cab-Fare-Calculator 1.0.3 Local File Inclusion

Posted Mar 30, 2022

Authored by Hassan Khan Yusufzai

WordPress Cab-Fare-Calculator plugin version 1.0.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | 86ee0c35b5409a672125451f0cd0f8722c0e3f49332d9a986e3674880b8c4093

Download | Favorite | View

Message System 1.0 Local File Inclusion

Posted Mar 29, 2022

Authored by Hejap Zairy

Message System version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | d75e21e8a6211018162bbb7942d070f7c8405b2ef826d1256c7f25275857c3f6

Download | Favorite | View

Sports Complex Booking System 1.0 Local File Inclusion

Posted Mar 29, 2022

Authored by Hejap Zairy

Sports Complex Booking System version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | c37a2040e63761f072da506d3c0fb1c63067a2b28d02b4a6291592e84d8a1f0c

Download | Favorite | View

WordPress Admin Word Count Column 2.2 Local File Inclusion

Posted Mar 28, 2022

Authored by Hassan Khan Yusufzai

WordPress Admin Word Count Column plugin version 2.2 suffers from a file download vulnerability.

tags | exploit, file inclusion

SHA-256 | 301d6c8f9de04980968414839d4d8b897928d64ab026ed7f191cca33261c0f1d

Download | Favorite | View

PDF Generator Web App Using TCPDF 1.0 Local File Inclusion

Posted Mar 27, 2022

Authored by Hejap Zairy

PDF Generator Web App using TCPDF version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, web, local, file inclusion

SHA-256 | 5013a3785b03aba3a47fb9ee309921cdea926bb4f4bd39443e99fbbae9e3b795

Download | Favorite | View

Xerte 3.10.3 Directory Traversal

Posted Mar 2, 2022

Authored by Rik Lutz

Xerte versions 3.10.3 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion

advisories | CVE-2021-44665

SHA-256 | 49ae52920796657c51fe5f9fb19958017c4391308bec8821e989ce6db3777b02

Download | Favorite | View

Microweber CMS 1.2.10 Local File Inclusion

Posted Feb 23, 2022

Authored by Talha Karakumru | Site metasploit.com

Microweber CMS version 1.2.10 has a backup functionality that enables a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | 6142d8811062699f8f87ae6d18474182b73f39fe90ed87e4773e25f514102aa5

Download | Favorite | View

aaPanel 6.8.21 Directory Traversal

Posted Feb 23, 2022

Authored by Fikrat Ghuliev

aaPanel version 6.8.21 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

SHA-256 | 838b61a813c16c65297d3d287ef9a25859063ba41febc4861bb94ac896d0ba99

Download | Favorite | View

Dbltek GoIP GHSFVT-1.1-67-5 Local File Inclusion

Posted Feb 21, 2022

Authored by Lassi Korhonen, Valtteri Lehtinen

Dbltek GoIP with firmware version GHSFVT-1.1-67-5 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | 0d6bacc2c1374df5d970bb3cd46b2c784a546df1614076f108665a82cba4a43f

Download | Favorite | View

Kyocera Command Center RX ECOSYS M2035dn Directory Traversal

Posted Feb 11, 2022

Authored by Luis Martinez

Kyocera Command Center RX version ECOSYS M2035dn suffers from a directory traversal vulnerability that allows for file disclosure.

tags | exploit, file inclusion

SHA-256 | 89cfa42fe3449bfdce8a9117af9911c0470fdb7b8987a421e59b7dbeadeeebde

Download | Favorite | View

WordPress Simple Job Board 2.9.3 Local File Inclusion

Posted Feb 8, 2022

Authored by Ven3xy

WordPress Simple Job Board plugin version 2.9.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

advisories | CVE-2020-35749

SHA-256 | 1c0762cbbdf0cad69fbecfc2a0c104e5004578ae2a294ea6aa61444f545b85e5

Download | Favorite | View

Argo CD Path Traversal

Posted Feb 4, 2022

Authored by Moshe Zioni | Site github.com

Argo CD is vulnerable to a path traversal bug that allows to pass arbitrary values files to be consumed by Helm charts. Patches have been released for versions 2.3.0, 2.2.4, and 2.1.9.

tags | advisory, arbitrary, file inclusion

advisories | CVE-2022-24348

SHA-256 | c72ec87648df1bf1db82ddd2c376d6162184b99bceae3f511661c0a478686932

Download | Favorite | View