漏洞分类 - 远程文件包含 - Remote File Inclusion - 知道创宇 Seebug 漏洞平台

漏洞分类 — 远程文件包含

英文名字: Remote File Inclusion

漏洞详情：: 远程文件包含，简称 RFI，指服务利用程序文件包含函数包含远程文件，过滤不严导致可以包含服务器外的文件而导致问题产生。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-19643	2010-05-18		CMSQLite <= 1.2 mod参数本地文件包含漏洞		994 \| 0
SSV-19633	2010-05-16		Joomla Component MS Comment LFI Vulnerability		966 \| 0
SSV-19625	2010-05-14		Joomla Component Seber Cart (getPic.php) Local File Disclosure Vulnerability		827 \| 0
SSV-19601	2010-05-13		Joomla Custom PHP Pages Component com_php LFI Vulnerability		862 \| 0
SSV-19517	2010-04-28		Joomla Component graphics (com_graphics) v1.0.6 LFI Vulnerability		802 \| 0
SSV-19492	2010-04-22		Joomla! AWDwall Components SQL Injection and Local File Inclusion Vulnerabilities		845 \| 0
SSV-19473	2010-04-19		Joomla Component Archery Scores (com_archeryscores) v1.0.6 LFI Vulnerability		937 \| 0
SSV-19477	2010-04-19		Joomla Component iF surfALERT com_if_surfalert Local File Inclusion Vulnerability		852 \| 0
SSV-19472	2010-04-19		Joomla Component Gadget Factory com_gadgetfactory Local File Inclusion Vulnerability		916 \| 0
SSV-19464	2010-04-15		Joomla Component BeeHeard Lite com_beeheard Local File Inclusion Vulnerability		818 \| 0
SSV-19443	2010-04-12		HotNews 0.7.2 Remote File Inclusion Vulnerability		747 \| 0
SSV-19426	2010-04-09		Joomla Component Webee Comments Local File Inclusion Vulnerability		866 \| 0
SSV-19431	2010-04-09		Joomla webERPcustomer Component "controller" Local File Inclusion Vulnerability		844 \| 0
SSV-19418	2010-04-09		Joomla Component Realtyna Translator Local File Inclusion Vulnerability		998 \| 0
SSV-19417	2010-04-08		Joomla Component aWiki com_awiki Local File Inclusion		807 \| 0
SSV-19413	2010-04-08		Plume CMS 1.2.4 Multiple Local File Inclusion Vulnerabilities		943 \| 0
SSV-19407	2010-04-07		Joomla Component Affiliate Feeds com_datafeeds Local File Inclusion Vulnerability		786 \| 0
SSV-19406	2010-04-07		Joomla Component Appointment com_appointment Local File Inclusion Vulnerability		827 \| 0
SSV-19392	2010-04-06		Joomla Component com_shoutbox LFI Vulnerability		871 \| 0
SSV-19393	2010-04-06		Joomla Component com_loginbox LFI Vulnerability		813 \| 0
SSV-19367	2010-03-31		Joomla Component DW Graph Local File Inclusion		957 \| 0
SSV-19378	2010-03-31		Pepsi CMS (Irmin cms) pepsi-0.6-BETA2 Multiple Local File Vulnerability		772 \| 0
SSV-19349	2010-03-26		Direct News 4.10.2 Multiple Remote File Include Vulnerability		783 \| 0
SSV-19327	2010-03-24		Joomla Component SMEStorage Local File Inclusion		790 \| 0
SSV-19319	2010-03-23		Joomla component com_jwmmxtd <= Remote File Inclusion Vulnerability		849 \| 0
SSV-19300	2010-03-20		joomla component & plugin JE Tooltip Local File Inclusion		830 \| 0
SSV-19291	2010-03-18		SOFTSAURUS 2.01 Multiple Remote File Include Vulnerabilities		811 \| 0
SSV-19290	2010-03-18		Nensor CMS 2.01 Multiple Remote Vulnerabilities		797 \| 0
SSV-19275	2010-03-16		Joomla Component com_rokdownloads - Local File Inclusion		881 \| 0
SSV-19233	2010-03-06		ShopEx <= 4.7 verifycode.php 远程包含漏洞		906 \| 0
SSV-19218	2010-03-04		Gnat-TGP <= 1.2.20 Remote File Include Vulnerability		829 \| 0
SSV-19161	2010-02-21		Joomla Component com_communitypolls LFI Vulnerability		998 \| 0
SSV-19130	2010-02-19		Joomla Component com_otzivi Local File Inclusion Vulnerability		948 \| 0
SSV-19084	2010-02-08		Cpanel Image Manager Local File Include Exploit		1286 \| 0
SSV-19092	2010-02-08		EncapsCMS <= 0.3.6 (config[path]) Remote File Include Vulnerability		782 \| 0
SSV-19065	2010-02-05		Phpwind7.5 后台本地包含漏洞		2053 \| 0
SSV-19024	2010-01-29		Joomla Component com_ccnewsletter LFI Vulnerability		999 \| 0
SSV-15219	2010-01-10		phpwind 7.5 apps/share/index.php远程包含漏洞		1819 \| 0
SSV-15218	2010-01-10		phpwind 7.5 api/class_base.php Include Vulnerabilities		1197 \| 0
SSV-15220	2010-01-10		phpwind 7.5 apps/groups/index.php远程包含漏洞		1798 \| 0
SSV-18884	2009-12-31		Weatimages Directory Traversal and LFI Vulnerabilities		797 \| 0
SSV-18879	2009-12-31		pL-PHP <= beta 0.9 Local File Include Exploit		781 \| 0
SSV-87932	2009-12-31		WordPress FireStats 模块远程文件包含漏洞		918 \| 0
SSV-18886	2009-12-31		AdaptBB 1.0 RFI Vulnerability		793 \| 0
SSV-18883	2009-12-31		fileNice php file browser RFI and LFI Vulnerabilities		870 \| 0
SSV-18841	2009-12-30		UBB.threads v6 RFI Vulnerability		779 \| 0
SSV-87880	2009-12-30		phpbb 1.2.4RC3 download.php 远程文件包含漏洞		1690 \| 0
SSV-15158	2009-12-29		DBHCMS Web Content Management System v1.1.4 RFI Vulnerability		831 \| 0
SSV-18824	2009-12-29		ActiveKB RFI Vulnerability		822 \| 0
SSV-18801	2009-12-28		Joomla Component com_if_nexus Remote File Include		889 \| 0
SSV-88024	2009-12-28		phpcms 2.4 guestbook.php default.php 远程文件包含漏洞		1253 \| 0
SSV-18773	2009-12-27		Joomla Component com_morfeoshow RFI Vulnerability		925 \| 0
SSV-18742	2009-12-26		FreeForum 1.7 RFI Vulnerability		780 \| 0
SSV-18733	2009-12-26		Upload-Point 1.6 Beta Upload Shell Vulnerability		818 \| 0
SSV-18746	2009-12-26		e-pay 1.55 RFI Vulnerability		816 \| 0
SSV-18736	2009-12-26		SaphpLesson 4.0 food RFI Vulnerability		874 \| 0
SSV-18735	2009-12-26		CactuShop v6 Database Disclosure Vulnerability		787 \| 0
SSV-18737	2009-12-26		FlatPress Cross Site Scripting Vulnerability		8435 \| 0
SSV-18755	2009-12-26		MyCart shopping cart Upload Shell Vulnerability		759 \| 0
SSV-18729	2009-12-26		E-Pay RFI Vulnerability		814 \| 0
SSV-18763	2009-12-26		Esinti Web Design Gold Defter Database Disclosure Vulnerability		744 \| 0
SSV-18756	2009-12-26		osCommerce online Shop Backup		769 \| 0
SSV-18771	2009-12-26		Nuked-Klan 1.7.7 RFI Vulnerability		920 \| 0
SSV-18762	2009-12-26		Nuked-Klan SP4 RFI Vulnerability		1067 \| 0
SSV-18757	2009-12-26		MyShoutPro v1.2 Final Cross Site Scripting Vulnerability		737 \| 0
SSV-18749	2009-12-26		Image File Upload Upload Shell Vulnerability		766 \| 0
SSV-18768	2009-12-26		ta3arof [dating] Script Arabic Version Upload Shell Vulnerability		774 \| 0
SSV-18772	2009-12-26		PHP Uploader Downloader v2.0 Cross Site Scripting Vulnerability		786 \| 0
SSV-18769	2009-12-26		PHP Uploader Downloader v2.0 Upload Shell Vulnerability		796 \| 0
SSV-18750	2009-12-26		HowMany V2.6 RFI Vulnerability		812 \| 0
SSV-18770	2009-12-26		PHP Football Version : 1.0 Cross Site Scripting Vulnerability		783 \| 0
SSV-18740	2009-12-26		EZPX My photoblog v1.2 Upload Shell Vulnerability		851 \| 0
SSV-18725	2009-12-26		worksystem 4.0.5 RFI Vulnerability		838 \| 0
SSV-18739	2009-12-26		IMG2ASCII Cross Site Scripting Vulnerability		783 \| 0
SSV-18738	2009-12-26		file upload Ar Version Upload Shell Vulnerability		780 \| 0
SSV-18734	2009-12-26		Best Top List v2.11 Upload Shell Vulnerability		774 \| 0
SSV-18747	2009-12-26		e-cart 3.0 Multiple Vulnerabilities		779 \| 0
SSV-18731	2009-12-26		Dros RFI Vulnerability		764 \| 0
SSV-18743	2009-12-26		ES Simple Uploader v 1.1 Upload Shell Vulnerability		793 \| 0
SSV-18741	2009-12-26		FreeForum 1.7 Cross Site Scripting Vulnerability		779 \| 0
SSV-18744	2009-12-26		Lizard Cart Upload Shell Vulnerability		827 \| 0
SSV-18754	2009-12-26		Gallery v2.3 RFI Vulnerability		1026 \| 0
SSV-18748	2009-12-26		dB Masters Multimedia Insecure Cookie Handling Vulnerability		805 \| 0
SSV-18745	2009-12-26		epay Backup Vulnerability		797 \| 0
SSV-18732	2009-12-26		TomatoCart Backup Vulnerability		815 \| 0
SSV-18767	2009-12-26		DBHCMS - Web Content Management System v1.1.4 RFI Vulnerability		835 \| 0
SSV-18726	2009-12-26		PHPShop Version 0.6 by pass Vulnerability		781 \| 0
SSV-18730	2009-12-26		SAIBAL DOWNLOAD AREA V.2.0 Upload Shell Vulnerability		830 \| 0
SSV-15140	2009-12-25		PHP-Calendar configfile变量远程文件包含漏洞		542 \| 0
SSV-18702	2009-12-25		Winn Guestbook V2.4 Winn.ws Cross Site Scripting Vulnerability		856 \| 0
SSV-18704	2009-12-25		Best Top List Cross Site Scripting Vulnerability		781 \| 0
SSV-18701	2009-12-25		asaher pro 1.0 RFI Vulnerability		738 \| 0
SSV-18703	2009-12-25		APHP ImgList 1.2.2 Cross Site Scripting Vulnerability		761 \| 0
SSV-15132	2009-12-23		phpLDAPadmin cmd参数本地文件包含漏洞		763 \| 0
SSV-15118	2009-12-22		phpPollScript <= 1.3 Remote File Include Vulnerability		762 \| 0
SSV-15123	2009-12-22		Joomla Component com_jcalpro Remote FiLe include RFI		882 \| 0
SSV-15121	2009-12-22		Simple PHP Blog <= 0.5.1 Local File Include vulnerability		762 \| 0
SSV-87676	2009-12-21		phpMyAdmin 2.7.0 全局变量覆盖导致文件包含漏洞		1720 \| 0
SSV-18624	2009-12-20		Explorer V7.20 Cross Site Scripting Vulnerability		764 \| 0
SSV-18623	2009-12-19		Linux - setreuid (0 0) & execve(/bin/rm /etc/shadow)		855 \| 0

1
2
3
4
5
6
7
...
22