漏洞分类 - 远程文件包含 - Remote File Inclusion - 知道创宇 Seebug 漏洞平台

漏洞分类 — 远程文件包含

英文名字: Remote File Inclusion

漏洞详情：: 远程文件包含，简称 RFI，指服务利用程序文件包含函数包含远程文件，过滤不严导致可以包含服务器外的文件而导致问题产生。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-14898	2009-06-30		BIGACE CMS 2.6 (cmd) Local File Inclusion Vulnerability		1234 \| 0
SSV-14899	2009-06-30		Jax FormMailer 3.0.0 Remote File Inclusion Vulnerability		722 \| 0
SSV-11725	2009-06-30		PHP-Sugar 0.80 (index.php t) Local File Inclusion Vulnerability		690 \| 0
SSV-11726	2009-06-30		WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln		1025 \| 0
SSV-14903	2009-06-29		DM FileManager 3.9.4 Remote File Inclusion Vulnerability		1100 \| 0
SSV-11707	2009-06-29		MyFusion 6b settings[locale] Local File Inclusion Vulnerability		686 \| 0
SSV-11705	2009-06-29		Mega File Manager 1.0 (index.php page) LFI Vulnerability		703 \| 0
SSV-14927	2009-06-24		LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion Vulnerability		745 \| 0
SSV-14931	2009-06-24		Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability		698 \| 0
SSV-11695	2009-06-24		phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities		708 \| 0
SSV-14933	2009-06-23		phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities		705 \| 0
SSV-11686	2009-06-23		Campsite 3.3.0 RC1 Multiple Remote File Inclusion Vulnerabilities		696 \| 0
SSV-11673	2009-06-22		Php168 本地文件包含漏洞		1297 \| 0
SSV-11661	2009-06-19		phpFK 7.03 (page_bottom.php) Local File Inclusion Vulnerability		709 \| 0
SSV-14954	2009-06-17		FretsWeb 1.2 Multiple Local File Inclusion Vulnerabilities		1179 \| 0
SSV-11636	2009-06-17		Joomla Component com_Projectfork 2.0.10 Local File Inclusion Vuln		786 \| 0
SSV-14955	2009-06-17		fuzzylime cms <= 3.03a Local Inclusion / Arbitrary File Corruption PoC		705 \| 0
SSV-12953	2009-06-15		Mundi Mail 0.8.2 (top) Remote File Inclusion Vulnerability		703 \| 0
SSV-12949	2009-06-15		DB Top Sites 1.0 (index.php u) Local File Inclusion Vulnerability		700 \| 0
SSV-11616	2009-06-13		Uebimiau Web-Mail <= v3.2.0-1.8 Remote File / Overwrite Vulnerabilities		789 \| 0
SSV-11617	2009-06-13		WordPress Plugin FireStats <= 1.6.1(fs_javascript) RFI Vulnerability		840 \| 0
SSV-11583	2009-06-11		Joomla Component com_vehiclemanager 1.0 RFI Vulnerability		839 \| 0
SSV-11575	2009-06-11		S-CMS <= 2.0b3 Multiple Local File Inclusion Vulnerabilities		1383 \| 0
SSV-11570	2009-06-11		Joomla Component BookLibrary 1.5.2.4 Remote File Include Vuln		818 \| 0
SSV-11573	2009-06-11		Joomla Component com_media_library 1.5.3 RFI Vulnerability		825 \| 0
SSV-11584	2009-06-11		School Data Navigator (page) Local/Remote File Inclusion Vulnerability		741 \| 0
SSV-11580	2009-06-11		Joomla Component com_realestatemanager 1.0 RFI Vulnerability		785 \| 0
SSV-12918	2009-06-11		phpWebThings <= 1.5.2 (help.php module) Local File Inclusion Vuln		781 \| 0
SSV-12886	2009-06-09		Joomla Component BookLibrary 1.5.2.4 Remote File Inclusion Vuln		784 \| 0
SSV-11556	2009-06-09		Joomla Component MooFAQ (com_moofaq) LFI Vulnerability		744 \| 0
SSV-11543	2009-06-06		Podcast Generator多个模块文件包含和任意文件删除漏洞		531 \| 0
SSV-11518	2009-06-04		Joomla Omilen Photo Gallery 0.5b Local File Inclusion Vulnerability		744 \| 0
SSV-11505	2009-06-02		AdaptBB 1.0 (forumspath) Remote File Inclusion Vulnerability		730 \| 0
SSV-11471	2009-05-28		SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities		710 \| 0
SSV-11470	2009-05-28		Easy Px 41 CMS v09.00.00B1 (fiche) Local File Inclusion Vulnerability		699 \| 0
SSV-11439	2009-05-27		cpCommerce 1.2.x GLOBALS[prefix] Arbitrary File Inclusion Exploit		697 \| 0
SSV-11455	2009-05-27		Dokuwiki 2009-02-14 Remote/Temporary File Inclusion exploit		850 \| 0
SSV-11440	2009-05-27		Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion Vulnerability		1002 \| 0
SSV-11441	2009-05-27		Webradev Download Protect 1.0 Remote File Inclusion Vulnerabilities		692 \| 0
SSV-11410	2009-05-23		Cute Editor for ASP.NET vulnerability		452 \| 0
SSV-11393	2009-05-22		Coppermine Photo Gallery 'lang' Cookie参数本地文件包含漏洞		12146 \| 0
SSV-11339	2009-05-19		Flyspeck CMS 6.8 Remote LFI / Change Add Admin Exploit		721 \| 0
SSV-11341	2009-05-19		Pluck 4.6.2 (langpref) Local File Inclusion Vulnerabilities		702 \| 0
SSV-11344	2009-05-19		DOURAN Portal <= 3.9.0.23 Multiple Remote Vulnerabilities		689 \| 0
SSV-11267	2009-05-12		Php Recommend <= 1.3 (AB/RFI/CI) Multiple Remote Vulnerabilities		803 \| 0
SSV-11233	2009-05-08		赛问(cyask)collect.php本地文件读取漏洞		1260 \| 0
SSV-11196	2009-05-05		Qt quickteam Multiple Remote File Inclusion Vulnerabilities		691 \| 0
SSV-11175	2009-05-02		pecio cms 1.1.5 (index.php language) Local File Inclusion Vulnerability		736 \| 0
SSV-5132	2009-04-30		S-CMS version 1.1 suffers from a local file inclusion vulnerability in plugin.php		1232 \| 0
SSV-11110	2009-04-28		Thickbox Gallery v2 (index.php ln) Local File Inclusion Vulnerability		713 \| 0
SSV-11113	2009-04-28		Flatchat 3.0 (pmscript.php with) Local File Inclusion Vulnerability		1409 \| 0
SSV-5117	2009-04-28		TotalCalendar cms_detect.php模块本地文件包含漏洞		1005 \| 0
SSV-11107	2009-04-28		Opencart 1.1.8 (route) Local File Inclusion Vulnerability		1430 \| 0
SSV-5114	2009-04-28		NotFTP config.php本地文件包含漏洞		494 \| 0
SSV-11086	2009-04-23		WebPortal CMS 0.8b Multiple Remote/Local File Inclusion Vulnerabilities		771 \| 0
SSV-11087	2009-04-23		FOWLCMS 1.1 (AB/LFI/SU) Multiple Remote Vulnerabilities		1017 \| 0
SSV-11071	2009-04-21		TotalCalendar 2.4 (inc_dir) Remote File Inclusion Vulnerability		1162 \| 0
SSV-11070	2009-04-21		FunGamez rc1 (AB/LFI) Multiple Remote Vulnerabilities		724 \| 0
SSV-11040	2009-04-17		SMA-DB 0.3.13 Multiple Remote File Inclusion Vulnerabilities		685 \| 0
SSV-11025	2009-04-16		Job2C 4.2 (adtype) Local File Inclusion Vulnerability		693 \| 0
SSV-11023	2009-04-16		FreeWebshop.org 2.2.9 RC2 (lang_file) Local File Inclusion Vulnerability		752 \| 0
SSV-17902	2009-04-14		PHP-Revista 1.1.2 (RFI/SQLi/CB/XSS) Multiple Remote Vulnerabilities		708 \| 0
SSV-11000	2009-04-14		Yellow Duck Weblog 2.1.0 (lang) Local File Inclusion Vulnerability		773 \| 0
SSV-10973	2009-04-11		Redaxscript 0.2.0 (language) Local File Inclusion Vulnerability		745 \| 0
SSV-10958	2009-04-07		iDB 0.2.5pa SVN 243 (skin) Local File Inclusion Exploit		700 \| 0
SSV-10946	2009-04-04		ActiveKB Knowledgebase (loadpanel.php Panel) Local File Inclusion Vuln		720 \| 0
SSV-10940	2009-04-02		Koschtit Image Gallery 1.82 Multiple Local File Inclusion Vulnerabilities		710 \| 0
SSV-10930	2009-04-01		webEdition <= 6.0.0.4 (WE_LANGUAGE) Local File Inclusion Vulnerability		741 \| 0
SSV-17886	2009-03-26		Acute Control Panel 1.0.0 (SQL/RFI) Multiple Remote Vulnerabilities		769 \| 0
SSV-4948	2009-03-24		ECMall本地文件包含漏洞		1539 \| 0
SSV-10884	2009-03-24		Jinzora Media Jukebox <= 2.8 (name) Local File Inclusion Vulnerability		688 \| 0
SSV-10880	2009-03-24		Pluck CMS 4.6.1 (module_pages_site.php post) LFI Exploit		717 \| 0
SSV-4930	2009-03-19		Horde产品本地文件包含和跨站脚本漏洞		1919 \| 0
SSV-10835	2009-03-19		Mega File Hosting Script 1.2 (cross.php url) RFI Vulnerability		705 \| 0
SSV-10814	2009-03-14		YAP 1.1.1 (index.php page) Local File Inclusion Vulnerability		727 \| 0
SSV-10794	2009-03-11		CMS S.Builder <= 3.7 Remote File Inclusion Vulnerability		741 \| 0
SSV-10803	2009-03-11		WeBid <= 0.7.3 RC9 Multiple Remote File Inclusion Vulnerabilities		709 \| 0
SSV-17877	2009-03-06		Wili-CMS 0.4.0 (RFI/LFI/AB) Multiple Remote Vulnerabilities		743 \| 0
SSV-17872	2009-03-03		ghostscripter Amazon Shop (XSS/DT/RFI) Multiple Vulnerabilities		766 \| 0
SSV-4857	2009-03-03		eXtplorer include/init.php本地文件包含漏洞		1177 \| 0
SSV-17873	2009-03-03		Yaws < 1.80 (multiple headers) Remote Denial of Service Exploit		808 \| 0
SSV-4849	2009-02-28		视频播客SupeV 1.0.1 多个安全漏洞		620 \| 0
SSV-10733	2009-02-27		Golabi CMS Remote File Inclusion Vulnerability		1008 \| 0
SSV-10717	2009-02-24		Free Arcade Script 1.0 LFI Command Execution Exploit		740 \| 0
SSV-10702	2009-02-21		phpBB 3 (autopost bot mod <= 0.1.3) Remote File Include Vulnerability		1176 \| 0
SSV-4768	2009-02-15		GnuBoard 文件包含漏洞&远程代码执行漏洞		550 \| 0
SSV-4766	2009-02-15		4Images 1.7.6 Local Inclusion Vulnerability		1218 \| 0
SSV-10627	2009-02-15		Papoo CMS 3.x (pfadhier) Local File Inclusion Vulnerability		762 \| 0
SSV-10604	2009-02-11		Potato News 1.0.0 (user) Local File Inclusion Vulnerability		1219 \| 0
SSV-10591	2009-02-10		AdaptCMS Lite 1.4 (XSS/RFI) Multiple Remote Vulnerabilities		802 \| 0
SSV-10597	2009-02-10		WB News 2.1.1 config[installdir] Remote File Inclusion Vulnerability		714 \| 0
SSV-10592	2009-02-10		SnippetMaster Webpage Editor 2,2,2 (RFI/XSS) Multiple Vulnerabilities		756 \| 0
SSV-10596	2009-02-10		webframe 0.76 Multiple File Inclusion Vulnerabilities		727 \| 0
SSV-10595	2009-02-10		Yet Another NOCC <= 0.1.0 Local File Inclusion Vulnerability		718 \| 0
SSV-10581	2009-02-09		phpYabs 0.1.2 (Azione) Remote File Inclusion Vulnerability		764 \| 0
SSV-17844	2009-02-09		SnippetMaster Webpage Editor 2 2 2 (RFI/XSS) Multiple Vulnerabilities		704 \| 0
SSV-17842	2009-02-09		Traidnt UP Version 1.0 Remote File Upload Vulnerability		759 \| 0
SSV-17841	2009-02-06		SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities		755 \| 0
SSV-10566	2009-02-05		phpList <= 2.10.8 Local File Inclusion Vulnerability		690 \| 0
SSV-10565	2009-02-04		PHPbbBook 1.3 (bbcode.php l) Local File Inclusion Exploit		1328 \| 0

1
2
3
4
5
6
7
8
9
...
22