what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 4,281 RSS Feed

File Inclusion Files

Red Hat Security Advisory 2024-9315-03
Posted Nov 13, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-9315-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow, denial of service, double free, information leakage, integer overflow, memory leak, null pointer, out of bounds access, out of bounds read, remote file inclusion, and use-after-free vulnerabilities.

tags | advisory, remote, denial of service, overflow, kernel, vulnerability, memory leak, file inclusion
systems | linux, redhat
advisories | CVE-2019-25162
SHA-256 | 32308f49513c3b581bb9c141ba5087f4778c169dc1ab2498edc6b4de6282aef1
Helper 0.1
Posted Oct 21, 2024
Authored by Emiliano Febbi | Site nullsite.altervista.org

Helper is an enumerator written in PHP that helps identify directories on webservers that could be targets for things like cross site scripting, local file inclusion, remote shell upload, and remote SQL injection vulnerabilities.

tags | tool, remote, shell, local, scanner, php, vulnerability, xss, sql injection, file inclusion
systems | unix
SHA-256 | d393a8fbc83a7853129734872e32346a0060fce6cc2859479ba80540d7ca06af
TerraMaster TOS 4.2.29 Code Injection / Local File Inclusion
Posted Oct 11, 2024
Authored by indoushka

TerraMaster TOS version 4.2.29 suffers from a remote code injection vulnerability leveraging a local file inclusion vulnerability.

tags | exploit, remote, local, file inclusion
SHA-256 | 47788fafaa57a0578fe61fae3aba9174fdcd4e9caddb1374b93de92e53260e4a
Sample Blog Site 1.0 Cross Site Scripting / Remote File Inclusion
Posted Sep 30, 2024
Authored by indoushka

Sample Blog Site version 1.0 suffers from cross site scripting and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, xss, file inclusion
SHA-256 | 9eb4f98f6b5aa7c6a2b152f6a928201fce3e01efc03aed42ffeb58be9416ad69
Seo Panel 4.10.0 Remote File Inclusion
Posted Sep 27, 2024
Authored by indoushka

Seo Panel version 4.10.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 2fdf761dbcf0a177ff1181fce94ad134d7bd768b3f71e66a322977609630415f
Sample Blog Site 1.0 Remote File Inclusion
Posted Sep 27, 2024
Authored by indoushka

Sample Blog Site version 1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 4f6ee68a6c536fed1167da6a84c5b39fb5d6773e2ab01a72d0112f0d091435a9
Invesalius 3.1.99995 Arbitrary File Write / Directory Traversal
Posted Sep 23, 2024
Authored by Riccardo Degli Esposti

Proof of concept python3 code that creates a malicious payload to exploit an arbitrary file write via directory traversal in Invesalius version 3.1. In particular the exploitation steps of this vulnerability involve the use of a specifically crafted .inv3 (a custom extension for InVesalius) that is indeed a tar file file which, once imported inside the victim's client application allows an attacker to write files and folders on the disk.

tags | exploit, arbitrary, proof of concept, file inclusion
advisories | CVE-2024-44825
SHA-256 | 3e2115a5ac5563793a0f2c821d2286084e05076d87ec7793c02b372c65ca4475
BlackNET 3.7.0.0 Missing Authentication / File Deletion / Traversal
Posted Sep 20, 2024
Authored by bRpsd

BlackNET version 3.7.0.0 appears to allow unauthenticated access to modify data and suffers from arbitrary file deletion and directory traversal vulnerabilities while authenticated.

tags | exploit, arbitrary, vulnerability, file inclusion
SHA-256 | 6e54154264109ce0380fee45cc8dba495239a6e22843e4f8d07ddd298e5af855
Online Survey System 1.0 Cross Site Scripting / Remote File Inclusion
Posted Sep 11, 2024
Authored by indoushka

Online Survey System version 1.0 suffers from cross site scripting and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, xss, file inclusion
SHA-256 | 0573d4aa4fad74ba21dfae8c95d8a0ef8922ce6bbbf5c65fcd1a8b98424e3d9e
Online Survey System 1.0 Remote File Inclusion
Posted Sep 10, 2024
Authored by indoushka

Online Survey System version 1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 9ac49e540003cc98bbab6ed47333ffe2f4616bc3a383f48fe3a342e9a7dd83cc
Apache Axis2 1.4.1 Local File Inclusion
Posted Sep 1, 2024
Authored by Tiago Ferreira | Site metasploit.com

This Metasploit module exploits an Apache Axis2 v1.4.1 local file inclusion (LFI) vulnerability. By loading a local XML file which contains a cleartext username and password, attackers can trivially recover authentication credentials to Axis services.

tags | exploit, local, file inclusion
SHA-256 | 50104ff91cd322fe465188779cfaa98819e42e8898505fa53d0efc5a47d67e68
Supra Smart Cloud TV Remote File Inclusion
Posted Aug 31, 2024
Authored by wvu, Dhiraj Mishra | Site metasploit.com

This Metasploit module exploits an unauthenticated remote file inclusion which exists in Supra Smart Cloud TV. The media control for the device doesnt have any session management or authentication. Leveraging this, an attacker on the local network can send a crafted request to broadcast a fake video.

tags | exploit, remote, local, file inclusion
advisories | CVE-2019-12477
SHA-256 | 4f628334a1d4a905d86ed3e418a091bc45e99144a8e83f1ac6d4d534bdfe0adf
Ray Static Arbitrary File Read
Posted Aug 31, 2024
Authored by byt3bl33d3r, Takahiro Yokoyama, danmcinerney | Site metasploit.com

Ray versions prior to 2.8.1 are vulnerable to a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2023-6020
SHA-256 | bd052a339883d4fb2b7584d0b637a7cf11576c8925a84f832d496feb70c87eff
QNAP QTS and Photo Station Local File Inclusion
Posted Aug 31, 2024
Authored by Henry Huang, Redouane Niboucha | Site metasploit.com

This Metasploit module exploits a local file inclusion in QNAP QTS and Photo Station that allows an unauthenticated attacker to download files from the QNAP filesystem. Because the HTTP server runs as root, it is possible to access sensitive files, such as SSH private keys and password hashes. This Metasploit module has been tested on QTS 4.3.3 (unknown Photo Station version) and QTS 4.3.6 with Photo Station 5.7.9.

tags | exploit, web, local, root, file inclusion
advisories | CVE-2019-7192, CVE-2019-7194, CVE-2019-7195
SHA-256 | 70107b0adbe195b76131c10cdea4a24c8ea076a3a1b93c6596908a86f7bcd91a
Webpay E-Commerce 1.0 Directory Traversal
Posted Aug 30, 2024
Authored by indoushka

Webpay E-Commerce version 1.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 95d09ce8c5598b697d3b00aaac726a002f69525139a53abe89bf0d0c71fcfd96
Laundry Management System 1.0 Remote File Inclusion
Posted Aug 28, 2024
Authored by indoushka

Laundry Management System version 1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 8fab3cbba3b63d49ce3f1398516dff725855194afb4b9b834d890bf1ab8dff45
miniProxy 1.0.0 Remote File Inclusion
Posted Aug 27, 2024
Authored by indoushka

miniProxy version 1.0.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 047d93955456ff76bf4deec8dd78b76d6fa4d853a8417d1dc141f9097b959a9b
Loan Management System 1.0 Remote File Inclusion
Posted Aug 27, 2024
Authored by indoushka

Loan Management System version 1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 2f2cc5727791f8bddc23fe859702870ea920208518f2390ce07b09959a99f153
FlatPress 1.3.1 Path Traversal
Posted Aug 15, 2024
Authored by indoushka

FlatPress version 1.3.1 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 93132facf1686cadc1ae8f70b92c43ad1314fd717d542ca0f3d2460a2af23e80
Farmacia Gama 1.0 File Inclusion
Posted Aug 9, 2024
Authored by indoushka

Farmacia Gama version 1.0 suffers from a file inclusion vulnerability.

tags | exploit, code execution, file inclusion
SHA-256 | da80354c20c11213cf9464c89b3c9342e5d18753a59bd94e104156db88b776d5
Red Hat Security Advisory 2024-5102-03
Posted Aug 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5102-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution, double free, memory leak, null pointer, remote file inclusion, and use-after-free vulnerabilities.

tags | advisory, remote, kernel, vulnerability, code execution, memory leak, file inclusion
systems | linux, redhat
advisories | CVE-2021-46939
SHA-256 | 271ebfd79d65d0fd7f0eaf5bfbcc5f0749c2bb655bb3ab858b0da3d97429fe08
Bleve Library Traversal
Posted Aug 8, 2024
Authored by rcorrea35 | Site github.com

This is a path traversal vulnerability that impacts the CreateIndexHandler and DeleteIndexHandler found within Bleve search library. These vulnerabilities enable the attacker to delete any directory owned by the user recursively, and create a new directory in any location which the server has write permissions to. This is Google's proof of concept exploit.

tags | exploit, vulnerability, proof of concept, file inclusion
SHA-256 | fa85d4f73ca7779ddd8389e832e0e1c1e86090421d04d1696926164a39351fbf
E-Commerce Site Using PHP PDO 1.0 Directory Traversal
Posted Aug 7, 2024
Authored by indoushka

E-Commerce Site using PHP PDO version 1.0 suffers from a directory traversal vulnerability.

tags | exploit, php, file inclusion
SHA-256 | dc27958888a7f9ea33c2b82b09c46ed99740992adc97c22cbcb4c4b71184b5d1
Devika 1 Path Traversal
Posted Aug 5, 2024
Authored by Alperen Ergel

Devika version 1 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2024-40422
SHA-256 | a1faa88d45aec3e4e47f6aaf83509670b4fb84ce15462308d2e7daa8d66d754c
Perten Instruments Process Plus Software 1.11.6507.0 LFI / Hardcoded Credentials
Posted Jul 23, 2024
Authored by T. Weber, S. Dietz | Site cyberdanube.com

Perten Instruments Process Plus Software versions 1.11.6507.0 and below suffer from local file inclusion, hardcoded credential, and execution with unnecessary privilege vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
advisories | CVE-2024-6911, CVE-2024-6912, CVE-2024-6913
SHA-256 | 92c6be9a95dec36f75c305fd1ec54275736478e25459c036cab67f945826b0f2
Page 1 of 172
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close