漏洞分类 - 远程文件包含 - Remote File Inclusion - 知道创宇 Seebug 漏洞平台

漏洞分类 — 远程文件包含

英文名字: Remote File Inclusion

漏洞详情：: 远程文件包含，简称 RFI，指服务利用程序文件包含函数包含远程文件，过滤不严导致可以包含服务器外的文件而导致问题产生。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-18610	2009-12-19		FestOs <= 2.2.1 Multiple RFI Exploit		846 \| 0
SSV-18623	2009-12-19		Linux - setreuid (0 0) & execve(/bin/rm /etc/shadow)		924 \| 0
SSV-18622	2009-12-19		SaurusCMS <= 4.6.4 Multiple RFI Exploit		845 \| 0
SSV-18620	2009-12-19		Ptag <= 4.0.0 Multiple RFI Exploit		814 \| 0
SSV-18599	2009-12-18		gpEasy <= 1.5RC3 Remote FIle Include Exploit		780 \| 0
SSV-15075	2009-12-15		Loggix Project <= 9.4.5 Multiple Remote File Inclusion		771 \| 0
SSV-18496	2009-12-14		Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability		844 \| 0
SSV-18497	2009-12-14		eoCMS <= 0.9.03 Remote FIle Include Vulnerability		766 \| 0
SSV-15055	2009-12-12		Mamboleto Joomla! component Remote File Include Vulneralbility		1027 \| 0
SSV-18454	2009-12-10		Joomla! Mamboleto Component 2.0 RC3 Remote File Include Vulneralbility		941 \| 0
SSV-18431	2009-12-07		SiSplet CMS <= 2008-01-24 Multiple Remote File Include Exploit		864 \| 0
SSV-18439	2009-12-07		MarieCMS v0.9 LFI RFI and XSS Vulnerabilities		810 \| 0
SSV-18421	2009-12-06		AROUNDMe <= 1.1 (language_path) Remote File Include Exploit		787 \| 0
SSV-18440	2009-12-06		TANDBERG vF8.2 F8.0 F7.2 and F6.3 Remote Denial of Service		752 \| 0
SSV-15030	2009-12-05		Invision Power Board Local File Include Vulnerabilities		925 \| 0
SSV-18367	2009-12-03		Thatware <= 0.5.3 Multiple Remote File Include Exploit		790 \| 0
SSV-18377	2009-12-03		SAPID SHOP <= 1.3 Remote File Include Vulnerability		847 \| 0
SSV-18364	2009-12-02		Simple Machines Forum Multiple Security Vulnerabilities		939 \| 0
SSV-18363	2009-12-01		Joomla MojoBlog Component v0.15 Multiple Remote File Include Vulnerabilities		892 \| 0
SSV-18360	2009-12-01		Quate CMS <= 0.3.5 (RFI/LFI) Multiple Remote Vulnerabilities		787 \| 0
SSV-18374	2009-12-01		Public Media Manager <= 1.3 (forms_dir) Remote File Include Vulnerability		797 \| 0
SSV-18346	2009-11-29		SweetRice <= 0.5.3 Remote File Include Vulnerability		843 \| 0
SSV-18378	2009-11-25		Power BB 1.8.3 Remote File Includes		822 \| 0
SSV-18375	2009-11-25		OpenCSP Multiple Remote File Include Vulnerability		755 \| 0
SSV-14979	2009-11-24		PHP Live! Support v3.1 Multiple Remote File Include		1084 \| 0
SSV-12661	2009-11-17		Joomla / Mambo Component com_ezine Remote File Include vulnerability		848 \| 0
SSV-12658	2009-11-17		Telepark Wiki v2.4.23 Multiple Remote Vulnerabilities		781 \| 0
SSV-12621	2009-11-13		Bitrix Site Manager Multiple Remote File Include Vulnerability		816 \| 0
SSV-14387	2009-11-12		Article Directory Index.PHP Remote File Include Vulnerability		770 \| 0
SSV-12585	2009-11-07		Deliveryscript Multiple Remote File include vulnerability		792 \| 0
SSV-14435	2009-11-04		Endonesia CMS 8.4 local file inclusion		798 \| 0
SSV-14419	2009-10-28		Oscailt CMS 3.3 Local File Inclusion		913 \| 0
SSV-12507	2009-10-22		Joomla Component com_booklibrary v1.0		840 \| 0
SSV-12506	2009-10-22		Joomla JD-WordPress Vulnerability File Inclusion Version 2.0 RC2		810 \| 0
SSV-12508	2009-10-22		Joomla Component com_ajaxchat 1.0 Remote File Include		661 \| 0
SSV-18274	2009-10-20		Joomla / Mambo Component com_ezine v2.1 Remote File Include Vulnerability		897 \| 0
SSV-14430	2009-10-19		Joomla Ajax Chat 1.0 remote file inclusion		844 \| 0
SSV-12449	2009-10-12		A-Blog menu.php navigation_start Parameter Remote File Inclusion		2788 \| 0
SSV-14362	2009-10-12		Dazzle Blast Remote File Inclusion		792 \| 0
SSV-12443	2009-10-10		QuickCart Multiple vlunerabilities		776 \| 0
SSV-14358	2009-10-08		QuickCart 3.x xss xsrf Local File Inclusion Directory Traversal		813 \| 0
SSV-12423	2009-10-04		PHP168后台查看/修改任意文件漏洞		2174 \| 0
SSV-14493	2009-09-29		FlatPress 0.804 - 0.812.1 local file inclusion vulnerability		830 \| 0
SSV-14486	2009-09-24		FSphp 0.2.1 Remote File Inclusion		786 \| 0
SSV-14468	2009-09-22		Joomla GroupJive 1.8 B4 Remote File Inclusion		863 \| 0
SSV-12376	2009-09-22		Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities		991 \| 0
SSV-12378	2009-09-22		ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability		782 \| 0
SSV-14469	2009-09-22		Achievo 1.3.4 Remote File Inclusion		865 \| 0
SSV-12362	2009-09-21		ClearSite 4.50 (cs_base_path) Remote File Inclusion Vulnerability		776 \| 0
SSV-18297	2009-09-21		Loggix Project <= 9.4.5 Multiple Remote File Include Vulnerability		779 \| 0
SSV-12359	2009-09-21		FSphp 0.2.1 Multiple Remote File Inclusion Vulnerabilities		777 \| 0
SSV-18296	2009-09-21		ProdLer <= 2.0 Remote File Include Vulnerability		790 \| 0
SSV-12352	2009-09-18		Mambo Component com_koesubmit 1.0.0 RFI Vulnerability		1520 \| 0
SSV-12342	2009-09-18		OpenSiteAdmin 0.9.7b (pageHeader.php path) RFI Vulnerability		903 \| 0
SSV-18286	2009-09-18		Network Management/Inventory System [header.php] Remote File Include		788 \| 0
SSV-14501	2009-09-16		phpPollScript <= 1.3 (include_class) Remote File Inclusion Vulnerability		835 \| 0
SSV-14510	2009-09-15		efront <= 3.5.4 (database.php path) Remote File Inclusion Vulnerability		882 \| 0
SSV-12296	2009-09-14		Drunken:Golem Gaming Portal (admin_news_bot.php) RFI Vulnerability		821 \| 0
SSV-14517	2009-09-14		Aurora CMS 1.0.2 (install.plugin.php) Remote File Inclusion Vulnerability		818 \| 0
SSV-14540	2009-09-10		Advanced Comment System 1.0 Multiple RFI Vulnerabilities		957 \| 0
SSV-14550	2009-09-09		OBOphiX <= 2.7.0 (fonctions_racine.php) Remote File Inclusion Vuln		787 \| 0
SSV-14542	2009-09-09		phpNagios 1.2.0 (menu.php) Local File Inclusion Vulnerability		2056 \| 0
SSV-12201	2009-09-05		PHPList远程文件包含漏洞		565 \| 0
SSV-12209	2009-09-05		Zentrack index.php远程文件包含漏洞		1262 \| 0
SSV-12200	2009-09-04		MediaWiki 'IP'参数远程文件包含漏洞		1324 \| 0
SSV-14558	2009-09-03		PHPope <= 1.0.0 Multiple Remote File Inclusion Vulnerabilities		794 \| 0
SSV-14559	2009-09-03		FreeSchool <= 1.1.0 Multiple Remote File Inclusion Vulnerabilities		774 \| 0
SSV-12181	2009-09-02		Kingcms 0.6.0 (menu.php) Remote File Inclusion Vulnerability		1560 \| 0
SSV-14561	2009-09-02		Ve-EDIT 0.1.4 (highlighter) Remote File Inclusion Vulnerability		792 \| 0
SSV-12183	2009-09-02		DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability		817 \| 0
SSV-14567	2009-09-01		Ve-EDIT 0.1.4 (debug_php.php) Local File Inclusion Vulnerability		773 \| 0
SSV-12142	2009-08-27		Moa Gallery <= 1.2.0 Multiple Remote File Inclusion Vulnerabilities		760 \| 0
SSV-14585	2009-08-26		phpSANE 0.5.0 (save.php) Remote File Inclusion Vulnerability		757 \| 0
SSV-14633	2009-08-18		Autonomous LAN party <= 0.98.3 Remote File Inclusion Vulnerability		776 \| 0
SSV-14644	2009-08-18		PHP-Lance 1.52 Multiple Local File Inclusion Vulnerabilities		793 \| 0
SSV-14673	2009-08-07		IsolSoft Support Center 2.5 (RFI/LFI/XSS) Multiples Vulnerabilities		837 \| 0
SSV-14674	2009-08-07		Facil Helpdesk (RFI/LFI/XSS) Multiples Remote Vulnerabilities		784 \| 0
SSV-11994	2009-08-06		MyBackup 1.4.0 (AFD/RFI) Multiple Remote Vulnerabilities		827 \| 0
SSV-11979	2009-08-05		In-Portal 4.3.1 (index.php env) Local File Inclusion Vulnerability		753 \| 0
SSV-11977	2009-08-05		elgg <= 1.5 (/_css/js.php) Local File Inclusion Vulnerability		2333 \| 0
SSV-11970	2009-08-04		Arab Portal <= 2.2 (mod.php module) Local File Inclusion Vulnerability		787 \| 0
SSV-11968	2009-08-04		ProjectButler 1.5.0 (pda_projects.php offset) RFI Vulnerability		763 \| 0
SSV-14714	2009-08-03		Netpet CMS 1.9 (confirm.php language) Local File Inclusion Vulnerability		793 \| 0
SSV-14723	2009-08-01		MAXcms 3.11.20b Multiple Remote File Inclusion Vulnerabilities		1165 \| 0
SSV-11956	2009-07-31		PunBB Reputation.php Mod <= 2.0.4 Local File Inclusion Exploit		1431 \| 0
SSV-14728	2009-07-30		Really Simple CMS 0.3a (pagecontent.php PT) Local File Inclusion Vulnerability		785 \| 0
SSV-14727	2009-07-30		MUJE CMS 1.0.4.34 Local File Inclusion Vulnerabilities		794 \| 0
SSV-14731	2009-07-30		dit.cms 1.3 (path/sitemap/relPath) Local File Inclusion Vulnerabilities		774 \| 0
SSV-14733	2009-07-30		justVisual 1.2 (fs_jVroot) Remote File Inclusion Vulnerabilities		873 \| 0
SSV-11932	2009-07-30		Ultrize TimeSheet 1.2.2 Remote File Inclusion Vulnerability		764 \| 0
SSV-11906	2009-07-28		SerWeb <= 2.1.0-dev1 2009-07-02 Multiple RFI Vulnerabilities		782 \| 0
SSV-14760	2009-07-27		PHP Paid 4 Mail Script (home.php page) Remote File Inclusion Vuln		893 \| 0
SSV-14768	2009-07-27		SkaDate Dating (RFI/LFI/XSS) Multiple Remote Vulnerabilities		810 \| 0
SSV-14787	2009-07-23		AWCM 2.1 Local File Inclusion / Auth Bypass Vulnerabilities		828 \| 0
SSV-14801	2009-07-20		MiniCWB 2.3.0 (LANG) Remote File Inclusion Vulnerabilities		791 \| 0
SSV-14816	2009-07-17		Super Simple Blog Script 2.5.4 Local File Inclusion Vulnerability		759 \| 0
SSV-14828	2009-07-15		Greenwood Content Manager 0.3.2 Local File Inclusion Exploit		771 \| 0
SSV-14829	2009-07-15		PHPGenealogy 2.0 (DataDirectory) RFI Vulnerability		824 \| 0
SSV-14849	2009-07-10		LionWiki (index.php page) Local File Inclusion Vulnerability		850 \| 0
SSV-14868	2009-07-09		ClearContent (image.php url) RFI/LFI Vulnerability		826 \| 0

1
2
3
4
5
6
7
8
...
22