Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a remote file inclusion vulnerability by including arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) when adding content though the input URL material of type html. This allows hijacking of the current session of the user, execute cross-site scripting code, or changing the look of the page and content modification on current display.
85b5e3c8c9cb495114ef096e2616e76aSimple College Website version 1.0 suffers from a local file inclusion vulnerability.
86b49885d775e8eb45bc78ef1e69613aCar Rental Management System version 1.0 suffers from local file inclusion and remote SQL injection vulnerabilities.
3a68203e8a08bc0b1358a7badb0e67c3TestBox CFML Test Framework version 4.1.0 suffers from a directory traversal vulnerability.
88450fd3a243fe57d5806f5e6b84c134Medical Center Portal Management System released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
ebb1a8cb615f15dc9ac1503fc00676dcOnline News Portal versions released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
150d4a01deee247d05bff4f6b2ff5485SIGE versions 3.4.1 and 3.5.3 Pro suffer from cross site scripting and remote file inclusion vulnerabilities.
288aba0ed822e5b2856245f6549208e1This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC Netscaler.
d988d9b9c395233084520c1b63a93177Joomla Simple Image Gallery Extended (SIGE) extension versions 3.4.1-FREE and 3.5.3-PRO suffer from cross site scripting and remote file inclusion vulnerabilities.
57c76870c76473a7da1cad2edd7fa766Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability.
a16eb58aefe5f14c1f9c09c294a49bedOracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.
067512dbc1fd13c960d6837eb1c78dd9QSC Q-SYS Core Manager version 8.2.1 suffers from a TFTP related directory traversal vulnerability.
b8b44947a96dd18d16e85141c32b16c4Hrsale version 2.0.0 suffers from a local file inclusion vulnerability.
88dac6a7e7cede1e94e86a14088dd82fHiSilicon Video Encoder versions up to 1.97 suffer from a path traversal vulnerability that allows for file disclosure.
cb4c6c75d9547eef7af977b49adf00a6Details for performing a local file inclusion attack on CS-Cart version 1.3.3, a really old version.
efd32d23b8016e8ae463a6c744326e4eCisco ASA and FTD version 9.6.4.42 suffer from a path traversal vulnerability.
48f25de33c55a08e792d3ab4713f7f58The Karel IP Phone IP1211 web management panel suffers from a directory traversal vulnerability.
39ad52c26c3918e666690e9425a9a8c1MonoCMS Blog version 1.0 suffers from arbitrary file deletion, cross site request forgery, and information disclosure vulnerabilities.
858c4bad79460948ebff42b9ed1fd0cdRed Hat Security Advisory 2020-3944-01 - Universal Office Converter is a command line tool to convert any document format that LibreOffice can import to any document format that LibreOffice can export. It makes use of the LibreOffice's UNO bindings for non-interactive conversion of documents. Issues addressed include local file inclusion and server-side request forgery vulnerabilities.
1a894e0156c35551711c8faebaf9c44bAll versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from path traversal vulnerabilities.
156aaf01e3f567caba60826f8c0e3305Ruijie Networks Switch eWeb S29_RGOS version 11.4 suffers from a directory traversal vulnerability.
d42793b9d2e5665d9a3c6433b256f461Adaptive Security Appliance Software version 9.11 local file inclusion exploit.
18674d1ac6566a743b27902123a8d30eF5 Big-IP versions 13.1.3 Build 0.0.6 and below suffer from a local file inclusion vulnerability.
b2e61907a263f05cda5368c904a3e106Bio Star version 2.8.2 suffers from a local file inclusion vulnerability.
27371df2c5b87c59458e1241e0ee2306Bludit version 3.9.2 suffers from a directory traversal vulnerability.
9c37d259cdc14c00be01226e03c282d4
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed