Home Assistant Community Store (HACS) version 1.10.0 suffers from a path traversal vulnerability that allows for account takeover.
06a8ea0658722e24ff3247bf292a001bb12ff1cf3cce3876e958d4add5ff945b
EyesOfNetwork version 5.3 suffers from a local file inclusion vulnerability.
7b04be37f3e094e3e01782b3d7e91c9ec9735c52192aa85b31383c4981224350
Responsive FileManager version 9.13.4 path traversal exploit. Original discovery of this finding is attributed to farisv in December of 2018.
e60dde7a6fb3e57f25bc60645a9e6b12692e86e856f5127f0306b5a233418882
Gotenberg versions 6.2.0 and below suffer from directory traversal, code execution, and insecure permission vulnerabilities.
78afb81c3f13565ecf21d0d3ec82d21cd97235cd78fb39359e943354ed217fce
Rocket.Chat suffers from a path traversal vulnerability.
a823a92ff65ccf73b793d0906e547c53c9b8e1c3527968cc2868bbf6547c16d5
This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress Duplicator plugin versions 1.3.24 through 1.3.26, allowing arbitrary file read with the web server privileges. This vulnerability was being actively exploited when it was discovered.
4ea50cf867ab79c361dd72e12949f0f0d61e20bd60dd59c1e49252679fd3c7a8
Task Management System version 1.0 suffers from a local file inclusion vulnerability.
a07c22e636733ee06134ab3cbdf49c23ec2ec4c0bb20ebd8e528c0428139832a
Cisco ASA version 9.14.1.10 and FTD version 6.6.0.1 path traversal exploit. Original discovery of this vulnerability is attributed to 3ndG4me in October of 2020.
dfe0fcf7f0c733ce87bf53173ca792e20086cc5828ba3e9907aa3993b08bf8fe
Seacms version 11.1 suffers from a local file inclusion vulnerability.
42f308848eea10bd63b353933f6f2d4f0164f9e0439cbcbbae0e052baaa80db6
Advanced Component System (ACS) version 1.0 suffers from a path traversal vulnerability.
643713537d4e5a942c72e49449790b5a7445873f36295831510b9a872e94a886
Rukovoditel version 2.6.1 remote code execution exploit that leverages shell upload and local file inclusion vulnerabilities.
975b7ba7dfc1c500ea9e23d90655a5643b1a793677defc9ec265442ecab49fce
Sony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a remote file inclusion vulnerability by including arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) when adding content though the input URL material of type html. This allows hijacking of the current session of the user, execute cross-site scripting code, or changing the look of the page and content modification on current display.
f28b912bc2e9ec641f492478e48e1e97b8908f617e7d6c69a1aed77fda0c5b63
Simple College Website version 1.0 suffers from a local file inclusion vulnerability.
b44cab5ff0eba5512a4197a21f1083bfd568a5df97fcbdc76ab70a201b0c942b
Car Rental Management System version 1.0 suffers from local file inclusion and remote SQL injection vulnerabilities.
6c3a9ab09332b9462a85ae9a62c07b1da59b5a0539c1fe4f64d0e752f209eb9f
TestBox CFML Test Framework version 4.1.0 suffers from a directory traversal vulnerability.
564d7395708184ec2af19cd4ab16e8142690010142bb9ee73b933525fb89b775
Medical Center Portal Management System released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
8e6175074c755003cac3b3ede902d640341b884dc164fcbb63e668efd47026e6
Online News Portal versions released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
74ab39452d63be71dbaad51002bac3f3a74dc4f703af69bdcba9172fc4e3d07b
SIGE versions 3.4.1 and 3.5.3 Pro suffer from cross site scripting and remote file inclusion vulnerabilities.
5265804569866a12a9641ca1a815352cb45dd364d43c7a6445548094e751f265
This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC Netscaler.
70dc89253162a6b119c3d606f6c3f8993ac2cf75090d967905fead6d2ddd4d90
Joomla Simple Image Gallery Extended (SIGE) extension versions 3.4.1-FREE and 3.5.3-PRO suffer from cross site scripting and remote file inclusion vulnerabilities.
265f8f9a7f046f98dbd5f9fbc1abc8290c7b6b5ec21aafa90f84f680769abe58
Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability.
d638156394b1d9cb10b76acc41643fc8694591f2e067046515232d3f2805d643
Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.
1ce61cfa5df4fb1911183bd9133f8dd66643cf0945794e668ec5c2a5cb8333b5
QSC Q-SYS Core Manager version 8.2.1 suffers from a TFTP related directory traversal vulnerability.
76bf0314b2878aee4c5683f5b47353493f1439a510c2c3ba7b37d2f9048e5adb
Hrsale version 2.0.0 suffers from a local file inclusion vulnerability.
f2bc6f68dc2b4bd21fb631c93a8683313c5d45427901f02a6f6ede52fb900613
HiSilicon Video Encoder versions up to 1.97 suffer from a path traversal vulnerability that allows for file disclosure.
91b0358f4f356a41132c0c5394b117b7e04588a9da733688c0943a0b218519e3