Home Assistant Community Store (HACS) version 1.10.0 suffers from a path traversal vulnerability that allows for account takeover.
06a8ea0658722e24ff3247bf292a001bb12ff1cf3cce3876e958d4add5ff945bEyesOfNetwork version 5.3 suffers from a local file inclusion vulnerability.
7b04be37f3e094e3e01782b3d7e91c9ec9735c52192aa85b31383c4981224350Responsive FileManager version 9.13.4 path traversal exploit. Original discovery of this finding is attributed to farisv in December of 2018.
e60dde7a6fb3e57f25bc60645a9e6b12692e86e856f5127f0306b5a233418882Gotenberg versions 6.2.0 and below suffer from directory traversal, code execution, and insecure permission vulnerabilities.
78afb81c3f13565ecf21d0d3ec82d21cd97235cd78fb39359e943354ed217fceRocket.Chat suffers from a path traversal vulnerability.
a823a92ff65ccf73b793d0906e547c53c9b8e1c3527968cc2868bbf6547c16d5This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress Duplicator plugin versions 1.3.24 through 1.3.26, allowing arbitrary file read with the web server privileges. This vulnerability was being actively exploited when it was discovered.
4ea50cf867ab79c361dd72e12949f0f0d61e20bd60dd59c1e49252679fd3c7a8Task Management System version 1.0 suffers from a local file inclusion vulnerability.
a07c22e636733ee06134ab3cbdf49c23ec2ec4c0bb20ebd8e528c0428139832aCisco ASA version 9.14.1.10 and FTD version 6.6.0.1 path traversal exploit. Original discovery of this vulnerability is attributed to 3ndG4me in October of 2020.
dfe0fcf7f0c733ce87bf53173ca792e20086cc5828ba3e9907aa3993b08bf8feSeacms version 11.1 suffers from a local file inclusion vulnerability.
42f308848eea10bd63b353933f6f2d4f0164f9e0439cbcbbae0e052baaa80db6Advanced Component System (ACS) version 1.0 suffers from a path traversal vulnerability.
643713537d4e5a942c72e49449790b5a7445873f36295831510b9a872e94a886Rukovoditel version 2.6.1 remote code execution exploit that leverages shell upload and local file inclusion vulnerabilities.
975b7ba7dfc1c500ea9e23d90655a5643b1a793677defc9ec265442ecab49fceSony BRAVIA Digital Signage versions 1.7.8 and below are vulnerable to a remote file inclusion vulnerability by including arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) when adding content though the input URL material of type html. This allows hijacking of the current session of the user, execute cross-site scripting code, or changing the look of the page and content modification on current display.
f28b912bc2e9ec641f492478e48e1e97b8908f617e7d6c69a1aed77fda0c5b63Simple College Website version 1.0 suffers from a local file inclusion vulnerability.
b44cab5ff0eba5512a4197a21f1083bfd568a5df97fcbdc76ab70a201b0c942bCar Rental Management System version 1.0 suffers from local file inclusion and remote SQL injection vulnerabilities.
6c3a9ab09332b9462a85ae9a62c07b1da59b5a0539c1fe4f64d0e752f209eb9fTestBox CFML Test Framework version 4.1.0 suffers from a directory traversal vulnerability.
564d7395708184ec2af19cd4ab16e8142690010142bb9ee73b933525fb89b775Medical Center Portal Management System released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
8e6175074c755003cac3b3ede902d640341b884dc164fcbb63e668efd47026e6Online News Portal versions released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
74ab39452d63be71dbaad51002bac3f3a74dc4f703af69bdcba9172fc4e3d07bSIGE versions 3.4.1 and 3.5.3 Pro suffer from cross site scripting and remote file inclusion vulnerabilities.
5265804569866a12a9641ca1a815352cb45dd364d43c7a6445548094e751f265This Metasploit module exploits a local file inclusion vulnerability in Citrix ADC Netscaler.
70dc89253162a6b119c3d606f6c3f8993ac2cf75090d967905fead6d2ddd4d90Joomla Simple Image Gallery Extended (SIGE) extension versions 3.4.1-FREE and 3.5.3-PRO suffer from cross site scripting and remote file inclusion vulnerabilities.
265f8f9a7f046f98dbd5f9fbc1abc8290c7b6b5ec21aafa90f84f680769abe58Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability.
d638156394b1d9cb10b76acc41643fc8694591f2e067046515232d3f2805d643Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.
1ce61cfa5df4fb1911183bd9133f8dd66643cf0945794e668ec5c2a5cb8333b5QSC Q-SYS Core Manager version 8.2.1 suffers from a TFTP related directory traversal vulnerability.
76bf0314b2878aee4c5683f5b47353493f1439a510c2c3ba7b37d2f9048e5adbHrsale version 2.0.0 suffers from a local file inclusion vulnerability.
f2bc6f68dc2b4bd21fb631c93a8683313c5d45427901f02a6f6ede52fb900613HiSilicon Video Encoder versions up to 1.97 suffer from a path traversal vulnerability that allows for file disclosure.
91b0358f4f356a41132c0c5394b117b7e04588a9da733688c0943a0b218519e3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed