漏洞分类 - 远程文件包含 - Remote File Inclusion - 知道创宇 Seebug 漏洞平台

漏洞分类 — 远程文件包含

英文名字: Remote File Inclusion

漏洞详情：: 远程文件包含，简称 RFI，指服务利用程序文件包含函数包含远程文件，过滤不严导致可以包含服务器外的文件而导致问题产生。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-19643	2010-05-18		CMSQLite <= 1.2 mod参数本地文件包含漏洞		1175 \| 0
SSV-19633	2010-05-16		Joomla Component MS Comment LFI Vulnerability		1031 \| 0
SSV-19625	2010-05-14		Joomla Component Seber Cart (getPic.php) Local File Disclosure Vulnerability		890 \| 0
SSV-19601	2010-05-13		Joomla Custom PHP Pages Component com_php LFI Vulnerability		934 \| 0
SSV-19517	2010-04-28		Joomla Component graphics (com_graphics) v1.0.6 LFI Vulnerability		862 \| 0
SSV-19492	2010-04-22		Joomla! AWDwall Components SQL Injection and Local File Inclusion Vulnerabilities		913 \| 0
SSV-19473	2010-04-19		Joomla Component Archery Scores (com_archeryscores) v1.0.6 LFI Vulnerability		1014 \| 0
SSV-19477	2010-04-19		Joomla Component iF surfALERT com_if_surfalert Local File Inclusion Vulnerability		920 \| 0
SSV-19472	2010-04-19		Joomla Component Gadget Factory com_gadgetfactory Local File Inclusion Vulnerability		986 \| 0
SSV-19464	2010-04-15		Joomla Component BeeHeard Lite com_beeheard Local File Inclusion Vulnerability		891 \| 0
SSV-19443	2010-04-12		HotNews 0.7.2 Remote File Inclusion Vulnerability		804 \| 0
SSV-19418	2010-04-09		Joomla Component Realtyna Translator Local File Inclusion Vulnerability		1057 \| 0
SSV-19431	2010-04-09		Joomla webERPcustomer Component "controller" Local File Inclusion Vulnerability		929 \| 0
SSV-19426	2010-04-09		Joomla Component Webee Comments Local File Inclusion Vulnerability		944 \| 0
SSV-19413	2010-04-08		Plume CMS 1.2.4 Multiple Local File Inclusion Vulnerabilities		1038 \| 0
SSV-19417	2010-04-08		Joomla Component aWiki com_awiki Local File Inclusion		873 \| 0
SSV-19407	2010-04-07		Joomla Component Affiliate Feeds com_datafeeds Local File Inclusion Vulnerability		859 \| 0
SSV-19406	2010-04-07		Joomla Component Appointment com_appointment Local File Inclusion Vulnerability		891 \| 0
SSV-19392	2010-04-06		Joomla Component com_shoutbox LFI Vulnerability		940 \| 0
SSV-19393	2010-04-06		Joomla Component com_loginbox LFI Vulnerability		877 \| 0
SSV-19367	2010-03-31		Joomla Component DW Graph Local File Inclusion		1037 \| 0
SSV-19378	2010-03-31		Pepsi CMS (Irmin cms) pepsi-0.6-BETA2 Multiple Local File Vulnerability		840 \| 0
SSV-19349	2010-03-26		Direct News 4.10.2 Multiple Remote File Include Vulnerability		842 \| 0
SSV-19327	2010-03-24		Joomla Component SMEStorage Local File Inclusion		841 \| 0
SSV-19319	2010-03-23		Joomla component com_jwmmxtd <= Remote File Inclusion Vulnerability		928 \| 0
SSV-19300	2010-03-20		joomla component & plugin JE Tooltip Local File Inclusion		898 \| 0
SSV-19291	2010-03-18		SOFTSAURUS 2.01 Multiple Remote File Include Vulnerabilities		873 \| 0
SSV-19290	2010-03-18		Nensor CMS 2.01 Multiple Remote Vulnerabilities		859 \| 0
SSV-19275	2010-03-16		Joomla Component com_rokdownloads - Local File Inclusion		948 \| 0
SSV-19233	2010-03-06		ShopEx <= 4.7 verifycode.php 远程包含漏洞		990 \| 0
SSV-19218	2010-03-04		Gnat-TGP <= 1.2.20 Remote File Include Vulnerability		890 \| 0
SSV-19161	2010-02-21		Joomla Component com_communitypolls LFI Vulnerability		1094 \| 0
SSV-19130	2010-02-19		Joomla Component com_otzivi Local File Inclusion Vulnerability		1017 \| 0
SSV-19084	2010-02-08		Cpanel Image Manager Local File Include Exploit		1507 \| 0
SSV-19092	2010-02-08		EncapsCMS <= 0.3.6 (config[path]) Remote File Include Vulnerability		844 \| 0
SSV-19065	2010-02-05		Phpwind7.5 后台本地包含漏洞		2262 \| 0
SSV-19024	2010-01-29		Joomla Component com_ccnewsletter LFI Vulnerability		1091 \| 0
SSV-15219	2010-01-10		phpwind 7.5 apps/share/index.php远程包含漏洞		2440 \| 0
SSV-15218	2010-01-10		phpwind 7.5 api/class_base.php Include Vulnerabilities		1518 \| 0
SSV-15220	2010-01-10		phpwind 7.5 apps/groups/index.php远程包含漏洞		2073 \| 0
SSV-87932	2009-12-31		WordPress FireStats 模块远程文件包含漏洞		993 \| 0
SSV-18883	2009-12-31		fileNice php file browser RFI and LFI Vulnerabilities		935 \| 0
SSV-18879	2009-12-31		pL-PHP <= beta 0.9 Local File Include Exploit		851 \| 0
SSV-18886	2009-12-31		AdaptBB 1.0 RFI Vulnerability		852 \| 0
SSV-18884	2009-12-31		Weatimages Directory Traversal and LFI Vulnerabilities		865 \| 0
SSV-87880	2009-12-30		phpbb 1.2.4RC3 download.php 远程文件包含漏洞		1916 \| 0
SSV-18841	2009-12-30		UBB.threads v6 RFI Vulnerability		838 \| 0
SSV-18824	2009-12-29		ActiveKB RFI Vulnerability		884 \| 0
SSV-15158	2009-12-29		DBHCMS Web Content Management System v1.1.4 RFI Vulnerability		889 \| 0
SSV-88024	2009-12-28		phpcms 2.4 guestbook.php default.php 远程文件包含漏洞		1317 \| 0
SSV-18801	2009-12-28		Joomla Component com_if_nexus Remote File Include		947 \| 0
SSV-18773	2009-12-27		Joomla Component com_morfeoshow RFI Vulnerability		989 \| 0
SSV-18767	2009-12-26		DBHCMS - Web Content Management System v1.1.4 RFI Vulnerability		896 \| 0
SSV-18737	2009-12-26		FlatPress Cross Site Scripting Vulnerability		8689 \| 0
SSV-18750	2009-12-26		HowMany V2.6 RFI Vulnerability		868 \| 0
SSV-18756	2009-12-26		osCommerce online Shop Backup		822 \| 0
SSV-18763	2009-12-26		Esinti Web Design Gold Defter Database Disclosure Vulnerability		807 \| 0
SSV-18771	2009-12-26		Nuked-Klan 1.7.7 RFI Vulnerability		981 \| 0
SSV-18769	2009-12-26		PHP Uploader Downloader v2.0 Upload Shell Vulnerability		849 \| 0
SSV-18726	2009-12-26		PHPShop Version 0.6 by pass Vulnerability		853 \| 0
SSV-18744	2009-12-26		Lizard Cart Upload Shell Vulnerability		897 \| 0
SSV-18746	2009-12-26		e-pay 1.55 RFI Vulnerability		891 \| 0
SSV-18734	2009-12-26		Best Top List v2.11 Upload Shell Vulnerability		834 \| 0
SSV-18733	2009-12-26		Upload-Point 1.6 Beta Upload Shell Vulnerability		871 \| 0
SSV-18741	2009-12-26		FreeForum 1.7 Cross Site Scripting Vulnerability		839 \| 0
SSV-18757	2009-12-26		MyShoutPro v1.2 Final Cross Site Scripting Vulnerability		796 \| 0
SSV-18768	2009-12-26		ta3arof [dating] Script Arabic Version Upload Shell Vulnerability		837 \| 0
SSV-18762	2009-12-26		Nuked-Klan SP4 RFI Vulnerability		1116 \| 0
SSV-18740	2009-12-26		EZPX My photoblog v1.2 Upload Shell Vulnerability		922 \| 0
SSV-18742	2009-12-26		FreeForum 1.7 RFI Vulnerability		842 \| 0
SSV-18748	2009-12-26		dB Masters Multimedia Insecure Cookie Handling Vulnerability		860 \| 0
SSV-18735	2009-12-26		CactuShop v6 Database Disclosure Vulnerability		868 \| 0
SSV-18754	2009-12-26		Gallery v2.3 RFI Vulnerability		1086 \| 0
SSV-18749	2009-12-26		Image File Upload Upload Shell Vulnerability		826 \| 0
SSV-18730	2009-12-26		SAIBAL DOWNLOAD AREA V.2.0 Upload Shell Vulnerability		890 \| 0
SSV-18770	2009-12-26		PHP Football Version : 1.0 Cross Site Scripting Vulnerability		840 \| 0
SSV-18731	2009-12-26		Dros RFI Vulnerability		818 \| 0
SSV-18739	2009-12-26		IMG2ASCII Cross Site Scripting Vulnerability		855 \| 0
SSV-18738	2009-12-26		file upload Ar Version Upload Shell Vulnerability		841 \| 0
SSV-18732	2009-12-26		TomatoCart Backup Vulnerability		873 \| 0
SSV-18745	2009-12-26		epay Backup Vulnerability		858 \| 0
SSV-18736	2009-12-26		SaphpLesson 4.0 food RFI Vulnerability		935 \| 0
SSV-18747	2009-12-26		e-cart 3.0 Multiple Vulnerabilities		835 \| 0
SSV-18743	2009-12-26		ES Simple Uploader v 1.1 Upload Shell Vulnerability		861 \| 0
SSV-18725	2009-12-26		worksystem 4.0.5 RFI Vulnerability		895 \| 0
SSV-18755	2009-12-26		MyCart shopping cart Upload Shell Vulnerability		817 \| 0
SSV-18729	2009-12-26		E-Pay RFI Vulnerability		880 \| 0
SSV-18772	2009-12-26		PHP Uploader Downloader v2.0 Cross Site Scripting Vulnerability		843 \| 0
SSV-15140	2009-12-25		PHP-Calendar configfile变量远程文件包含漏洞		623 \| 0
SSV-18703	2009-12-25		APHP ImgList 1.2.2 Cross Site Scripting Vulnerability		825 \| 0
SSV-18702	2009-12-25		Winn Guestbook V2.4 Winn.ws Cross Site Scripting Vulnerability		916 \| 0
SSV-18701	2009-12-25		asaher pro 1.0 RFI Vulnerability		801 \| 0
SSV-18704	2009-12-25		Best Top List Cross Site Scripting Vulnerability		845 \| 0
SSV-15132	2009-12-23		phpLDAPadmin cmd参数本地文件包含漏洞		844 \| 0
SSV-15121	2009-12-22		Simple PHP Blog <= 0.5.1 Local File Include vulnerability		828 \| 0
SSV-15118	2009-12-22		phpPollScript <= 1.3 Remote File Include Vulnerability		818 \| 0
SSV-15123	2009-12-22		Joomla Component com_jcalpro Remote FiLe include RFI		949 \| 0
SSV-87676	2009-12-21		phpMyAdmin 2.7.0 全局变量覆盖导致文件包含漏洞		1969 \| 0
SSV-18624	2009-12-20		Explorer V7.20 Cross Site Scripting Vulnerability		832 \| 0
SSV-18611	2009-12-19		3Com OfficeConnect Routers Remote DoS Exploit		846 \| 0

1
2
3
4
5
6
7
...
22