Vulnerability Category — Remote File Inclusion

Chinese name:
远程文件包含
Detail:
远程文件包含,简称 RFI,指服务利用程序文件包含函数包含远程文件,过滤不严导致可以包含服务器外的文件而导致问题产生。

Related Vulnerabilities

SSV ID Name
SSV-98134 Apache Tomcat Ajp协议文件包含漏洞
SSV-97821 Siteserver CMS 远程模板下载Getshell漏洞
SSV-91263 Zenphoto 1.4.11 - Remote File Inclusion
SSV-90521 ThinkSNS /thinksns/apps/weiba/Lib/Widget/WeibaReplyWidget/WeibaReplyWidget.class.php 任意文件包含漏洞
SSV-90505 ThinkSNS /thinksns/apps/w3g/Lib/Action/PublicAction.class.php 任意文件包含漏洞
SSV-90241 ThinkSAAS中tsUrlCheck()函数引发注入漏洞
SSV-90166 Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] 远程文件包含
SSV-89984 Gwolle Guestbook WordPress插件远程文件包含漏洞
SSV-89636 LANDESK Management Suite Remote File Include Vulnerability
SSV-89362 DedeCMS 5.7 SP1 /install/index.php 远程文件包含漏洞
SSV-89360 WordPress Really Simple Guest Post Plugin 1.0.6 /simple-guest-post-submit.php 远程文件包含
SSV-89056 PHPWind 7.5 /apps/groups/index.php 远程文件包含漏洞
SSV-87369 iFunBox Free 1.1 iOS - File Inclusion Vulnerability
SSV-87375 Magento Server MAGMI Plugin - Remote File Inclusion (RFI)
SSV-87289 OsClass 3.4.1 (index.php, file param) - Local File Inclusion
SSV-87275 LittleSite 0.1 'file' Parameter Local File Include Vulnerability
SSV-87233 Railo Remote File Include
SSV-87255 Photorange 1.0 iOS - File Inclusion Vulnerability
SSV-87214 WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability
SSV-87195 PhotoSync Wifi & Bluetooth 1.0 - File Include Vulnerability
SSV-87159 DirPHP 1.0 - LFI Vulnerability
SSV-87140 Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities
SSV-87127 Photo Org WonderApplications 8.3 iOS - File Include Vulnerability
SSV-62608 ECstore 本地文件包含漏洞
SSV-62266 SOAPpy 0.12.5 多个漏洞
SSV-62655 CMSimple 4.4 /required_classes.php 远程文件包含漏洞
SSV-62261 Cobbler 2.4.x - 2.6.x 本地文件包含
SSV-62017 WordPress Ajax Pagination插件'admin-ajax.php'本地文件包含漏洞
SSV-61905 MeiuPic 'ctl'参数本地文件包含漏洞
SSV-61788 Vtiger CRM文件包含漏洞
SSV-61736 ClipShare Pro 'ubr_link_upload.php'本地文件包含漏洞
SSV-61722 IBM Tealeaf CX未明本地文件包含漏洞
SSV-61241 AFCommerce 'rootpathtocart'参数多个远程文件包含漏洞
SSV-61212 ThinkSAAS 2.0.1 thinksaas.php 本地文件包含漏洞
SSV-61203 Song Exporter v2.1.1 RS iOS文件包含漏洞
SSV-61096 Zimbra邮件系统文件包含漏洞
SSV-61098 大汉版通JCMS内容管理系统文件包含漏洞
SSV-60771 phpMyAdmin 'what'参数本地文件包含漏洞
SSV-60716 DedeCms 5.x 本地文件包含漏洞(respond方法)
SSV-60619 Wordpress Gallery插件'load'参数远程文件包含漏洞
SSV-60568 WordPress Browser Rejector 插件"wppath"远程文件包含漏洞
SSV-60525 Joomla! ZT Autolinks组件'controller'参数本地文件包含漏洞
SSV-60495 WordPress WP-Realty 插件'language'参数本地文件包含漏洞
SSV-60394 Joomla!/Mambo FCKeditor模块'Connector'本地文件包含漏洞
SSV-60295 phpcms V9 phpcms\modules\search\index.php 任意读文件
SSV-60289 Joomla Hello component suffers from a local file inclusion vulnerability.
SSV-60280 phpcms 2008多个文件包含漏洞
SSV-62285 php-cgi 5.3.12 cgi-main.c 远程文件包含漏洞
SSV-60086 Vbulletin 4.1.10 (functions_cron.php) Local file Include Vulnerabilities
SSV-60063 Invision Power Board 3.3/3.2.3 本地文件包含漏洞
SSV-60032 OpenCart 1.x 本地文件包含漏洞
SSV-88131 Bo-Blog 2.1.0 go.php 文件包含漏洞
SSV-88124 ShopEX 4.6 verifycode.php远程文件包含漏洞
SSV-88121 PHPWind 7.5 apps-share-index.php 文件包含漏洞
SSV-88120 Kuwebs 3.1.3 admin-index.php参数menu远程文件包含漏洞
SSV-30048 Joomla Component com_bch LFI Vulnerability
SSV-30047 Joomla Component com_sadnews LFI Vulnerability
SSV-30046 Joomla Component com_rule LFI Vulnerability
SSV-30020 phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion via XXE Injection
SSV-26135 ECSHOP 2.6 calendar.php本地包含漏洞
SSV-26136 织梦(DEDE)CMS V5.3 覆盖任意变量导致远程包含漏洞
SSV-26079 PHPCMS_V9 (get_linkage.php) 本地文件包含漏洞
SSV-26074 PHPCMS_V9 /modules/comment/index.php 本地包含漏洞
SSV-26021 PHPCMS V9 (plugin.php)本地文件包含漏洞
SSV-24253 Wordpress enable-latex plugin Remote File Include Vulnerabilities
SSV-23171 VBulletin 4.1.7多个远程文件包含漏洞
SSV-23123 Joomla YJ Contact us Component Local File Inclusion Vulnerability
SSV-23112 Wordpress Mailing List 1.3.2远程文件包含漏洞
SSV-20900 WordPress Yoast v4.1.3 Local File Disclosure Vulnerability
SSV-20879 Joomla JoomTouch Component Local File Inclusion Vulnerability
SSV-20799 Joomla Component (com_obSuggest) Local File Inclusion Vulnerability
SSV-20758 Joomla Component JE K2 Story Submit Local File Inclusion Vulnerability
SSV-20446 S40 CMS 0.4.2b LFI Vulnerability
SSV-20410 webEdition CMS Local File Inclusion Vulnerability
SSV-20327 CmsEasp 2.0.0 LFI vulnerability
SSV-20304 Joomla Component Jotloader 2.2.1 Local File Inclusion Vulnerability
SSV-20295 Joomla JRadio Component (com_jradio) Local File Inclusion
SSV-20239 Joomla Component (com_img) LFI Vulnerability
SSV-20220 XAMPP <= 1.7.3 multiple vulnerabilites
SSV-20159 Exponent CMS v0.97 Multiple Vulnerabilities
SSV-20147 Tiki Wiki CMS Groupware 5.2 Multiple Vulnerabilities
SSV-19996 Joomla Component (com_joomla-visites) Remote File inclusion Vulnerability
SSV-19941 sphider v1.3.5 Remote File Inclusion Vulnerability
SSV-19931 pithcms (theme) Local Remote File inclusion Vulnerability
SSV-19932 ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities
SSV-19911 Sandbox 2.0.3 Multiple Remote Vulnerabilities
SSV-19898 Joomla Component Remository (com_remository) LFI
SSV-19866 织梦(Dedecms) V5.6 plus/carbuyaction.php 本地文件包含漏洞
SSV-19870 Joomla JE Event Calendar LFI Vulnerability
SSV-19860 phportal_1.2 (gunaysoft.php) Remote File Include Vulnerability
SSV-19819 Pithcms 0.9.5 Local File Include Vulnerability
SSV-19806 Nakid CMS "core[system_path]" File Inclusion Vulnerability
SSV-19789 Parallels System Automation (PSA) Local File Inclusion
SSV-19732 e107 0.7.21 remote file inclusion Vulnerabilities
SSV-19728 Joomla component SimpleDownload Local File Inclusion
SSV-19730 phpGraphys 0.9.13 and below Remote File Inclusion Vulnerability
SSV-19713 Symphony CMS Local File Inclusion Vulnerability
SSV-19698 Joomla Component MediQnA LFI vulnerability
SSV-19690 Joomla Component BeeHeard Lite Local File Inclusion Vulnerability
SSV-19668 phpGroupWare app参数本地文件包含漏洞
京ICP备10040895号 京公网安备 11010502034610号 Copyright @ 404 Team from Knownsec. 简体中文