漏洞分类 - 远程文件包含 - Remote File Inclusion - 知道创宇 Seebug 漏洞平台

漏洞分类 — 远程文件包含

英文名字: Remote File Inclusion

漏洞详情：: 远程文件包含，简称 RFI，指服务利用程序文件包含函数包含远程文件，过滤不严导致可以包含服务器外的文件而导致问题产生。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-98134	2020-02-20		Apache Tomcat Ajp协议文件包含漏洞		12891 \| 0
SSV-97821	2019-02-25		Siteserver CMS 远程模板下载Getshell漏洞		7055 \| 0
SSV-91263	2016-04-06		Zenphoto 1.4.11 - Remote File Inclusion		1481 \| 0
SSV-90521	2016-01-19		ThinkSNS /thinksns/apps/weiba/Lib/Widget/WeibaReplyWidget/WeibaReplyWidget.class.php 任意文件包含漏洞		1639 \| 0
SSV-90505	2016-01-19		ThinkSNS /thinksns/apps/w3g/Lib/Action/PublicAction.class.php 任意文件包含漏洞		1564 \| 0
SSV-90241	2016-01-09		ThinkSAAS中tsUrlCheck()函数引发注入漏洞		1670 \| 0
SSV-90166	2015-12-22		Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] 远程文件包含		1570 \| 2
SSV-89984	2015-12-03		Gwolle Guestbook WordPress插件远程文件包含漏洞		1527 \| 0
SSV-89636	2015-10-10		LANDESK Management Suite Remote File Include Vulnerability		1070 \| 0
SSV-89362	2015-09-07		DedeCMS 5.7 SP1 /install/index.php 远程文件包含漏洞		6683 \| 0
SSV-89360	2015-09-07		WordPress Really Simple Guest Post Plugin 1.0.6 /simple-guest-post-submit.php 远程文件包含		1628 \| 0
SSV-89056	2015-03-06		PHPWind 7.5 /apps/groups/index.php 远程文件包含漏洞		2396 \| 0
SSV-87375	2014-11-13		Magento Server MAGMI Plugin - Remote File Inclusion (RFI)		1464 \| 0
SSV-87369	2014-11-13		iFunBox Free 1.1 iOS - File Inclusion Vulnerability		2284 \| 0
SSV-87289	2014-09-29		OsClass 3.4.1 (index.php, file param) - Local File Inclusion		1325 \| 0
SSV-87275	2014-09-29		LittleSite 0.1 'file' Parameter Local File Include Vulnerability		1192 \| 0
SSV-87255	2014-09-18		Photorange 1.0 iOS - File Inclusion Vulnerability		2404 \| 0
SSV-87233	2014-09-18		Railo Remote File Include		1097 \| 0
SSV-87214	2014-09-04		WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability		2062 \| 0
SSV-87195	2014-08-20		PhotoSync Wifi & Bluetooth 1.0 - File Include Vulnerability		1051 \| 0
SSV-87159	2014-07-28		DirPHP 1.0 - LFI Vulnerability		1632 \| 0
SSV-87140	2014-07-17		Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities		1129 \| 0
SSV-87127	2014-07-09		Photo Org WonderApplications 8.3 iOS - File Include Vulnerability		2469 \| 0
SSV-62608	2014-06-10		ECstore 本地文件包含漏洞		2649 \| 0
SSV-62266	2014-06-04		SOAPpy 0.12.5 多个漏洞		862 \| 0
SSV-62655	2014-05-12		CMSimple 4.4 /required_classes.php 远程文件包含漏洞		1026 \| 0
SSV-62261	2014-05-10		Cobbler 2.4.x - 2.6.x 本地文件包含		994 \| 0
SSV-62017	2014-04-01		WordPress Ajax Pagination插件'admin-ajax.php'本地文件包含漏洞		1634 \| 0
SSV-61905	2014-03-25		MeiuPic 'ctl'参数本地文件包含漏洞		1271 \| 0
SSV-61788	2014-03-13		Vtiger CRM文件包含漏洞		1381 \| 0
SSV-61736	2014-03-11		ClipShare Pro 'ubr_link_upload.php'本地文件包含漏洞		1310 \| 0
SSV-61722	2014-03-11		IBM Tealeaf CX未明本地文件包含漏洞		627 \| 0
SSV-61241	2013-12-31		AFCommerce 'rootpathtocart'参数多个远程文件包含漏洞		972 \| 0
SSV-61212	2013-12-26		ThinkSAAS 2.0.1 thinksaas.php 本地文件包含漏洞		3010 \| 0
SSV-61203	2013-12-25		Song Exporter v2.1.1 RS iOS文件包含漏洞		1968 \| 0
SSV-61098	2013-12-13		大汉版通JCMS内容管理系统文件包含漏洞		2853 \| 0
SSV-61096	2013-12-13		Zimbra邮件系统文件包含漏洞		8739 \| 0
SSV-60771	2013-04-28		phpMyAdmin 'what'参数本地文件包含漏洞		1224 \| 0
SSV-60716	2013-03-29		DedeCms 5.x 本地文件包含漏洞(respond方法)		1923 \| 0
SSV-60619	2013-02-03		Wordpress Gallery插件'load'参数远程文件包含漏洞		1127 \| 0
SSV-60568	2013-01-10		WordPress Browser Rejector 插件"wppath"远程文件包含漏洞		793 \| 0
SSV-60525	2012-12-21		Joomla! ZT Autolinks组件'controller'参数本地文件包含漏洞		934 \| 0
SSV-60495	2012-12-04		WordPress WP-Realty 插件'language'参数本地文件包含漏洞		1267 \| 0
SSV-60394	2012-09-20		Joomla!/Mambo FCKeditor模块'Connector'本地文件包含漏洞		947 \| 0
SSV-60295	2012-07-25		phpcms V9 phpcms\modules\search\index.php 任意读文件		3652 \| 0
SSV-60289	2012-07-22		Joomla Hello component suffers from a local file inclusion vulnerability.		1427 \| 0
SSV-60280	2012-07-18		phpcms 2008多个文件包含漏洞		1996 \| 0
SSV-62285	2012-06-06		php-cgi 5.3.12 cgi-main.c 远程文件包含漏洞		1184 \| 0
SSV-60086	2012-05-01		Vbulletin 4.1.10 (functions_cron.php) Local file Include Vulnerabilities		1246 \| 0
SSV-60063	2012-04-15		Invision Power Board 3.3/3.2.3 本地文件包含漏洞		1353 \| 0
SSV-60032	2012-04-10		OpenCart 1.x 本地文件包含漏洞		1311 \| 0
SSV-88131	2012-03-19		Bo-Blog 2.1.0 go.php 文件包含漏洞		1328 \| 0
SSV-88124	2012-03-07		ShopEX 4.6 verifycode.php远程文件包含漏洞		1300 \| 0
SSV-88121	2012-02-27		PHPWind 7.5 apps-share-index.php 文件包含漏洞		1544 \| 0
SSV-88120	2012-02-27		Kuwebs 3.1.3 admin-index.php参数menu远程文件包含漏洞		1489 \| 0
SSV-30048	2012-01-25		Joomla Component com_bch LFI Vulnerability		1072 \| 0
SSV-30046	2012-01-25		Joomla Component com_rule LFI Vulnerability		1053 \| 0
SSV-30047	2012-01-25		Joomla Component com_sadnews LFI Vulnerability		1069 \| 0
SSV-30020	2012-01-16		phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion via XXE Injection		1369 \| 0
SSV-26136	2011-12-31		织梦(DEDE)CMS V5.3 覆盖任意变量导致远程包含漏洞		1710 \| 0
SSV-26135	2011-12-31		ECSHOP 2.6 calendar.php本地包含漏洞		2490 \| 1
SSV-26074	2011-12-19		PHPCMS_V9 /modules/comment/index.php 本地包含漏洞		1507 \| 0
SSV-26079	2011-12-19		PHPCMS_V9 (get_linkage.php) 本地文件包含漏洞		1090 \| 0
SSV-26021	2011-12-12		PHPCMS V9 (plugin.php)本地文件包含漏洞		1605 \| 0
SSV-24253	2011-11-25		Wordpress enable-latex plugin Remote File Include Vulnerabilities		996 \| 0
SSV-23171	2011-11-04		VBulletin 4.1.7多个远程文件包含漏洞		942 \| 0
SSV-23123	2011-10-26		Joomla YJ Contact us Component Local File Inclusion Vulnerability		1105 \| 0
SSV-23112	2011-10-18		Wordpress Mailing List 1.3.2远程文件包含漏洞		937 \| 0
SSV-20900	2011-08-26		WordPress Yoast v4.1.3 Local File Disclosure Vulnerability		1227 \| 0
SSV-20879	2011-08-18		Joomla JoomTouch Component Local File Inclusion Vulnerability		982 \| 0
SSV-20799	2011-07-31		Joomla Component (com_obSuggest) Local File Inclusion Vulnerability		976 \| 0
SSV-20758	2011-07-24		Joomla Component JE K2 Story Submit Local File Inclusion Vulnerability		990 \| 0
SSV-20446	2011-04-08		S40 CMS 0.4.2b LFI Vulnerability		870 \| 0
SSV-20410	2011-03-29		webEdition CMS Local File Inclusion Vulnerability		919 \| 0
SSV-20327	2011-01-19		CmsEasp 2.0.0 LFI vulnerability		801 \| 0
SSV-20304	2010-12-21		Joomla Component Jotloader 2.2.1 Local File Inclusion Vulnerability		917 \| 0
SSV-20295	2010-12-17		Joomla JRadio Component (com_jradio) Local File Inclusion		1016 \| 0
SSV-20239	2010-11-10		Joomla Component (com_img) LFI Vulnerability		984 \| 0
SSV-20220	2010-11-01		XAMPP <= 1.7.3 multiple vulnerabilites		1461 \| 0
SSV-20159	2010-10-14		Exponent CMS v0.97 Multiple Vulnerabilities		939 \| 0
SSV-20147	2010-10-03		Tiki Wiki CMS Groupware 5.2 Multiple Vulnerabilities		2629 \| 0
SSV-19996	2010-07-27		Joomla Component (com_joomla-visites) Remote File inclusion Vulnerability		935 \| 0
SSV-19941	2010-07-10		sphider v1.3.5 Remote File Inclusion Vulnerability		848 \| 0
SSV-19931	2010-07-08		pithcms (theme) Local Remote File inclusion Vulnerability		952 \| 0
SSV-19932	2010-07-08		ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities		876 \| 0
SSV-19911	2010-07-07		Sandbox 2.0.3 Multiple Remote Vulnerabilities		858 \| 0
SSV-19898	2010-07-02		Joomla Component Remository (com_remository) LFI		1093 \| 0
SSV-19870	2010-06-27		Joomla JE Event Calendar LFI Vulnerability		1029 \| 0
SSV-19866	2010-06-27		织梦(Dedecms) V5.6 plus/carbuyaction.php 本地文件包含漏洞		2854 \| 0
SSV-19860	2010-06-25		phportal_1.2 (gunaysoft.php) Remote File Include Vulnerability		893 \| 0
SSV-19819	2010-06-18		Pithcms 0.9.5 Local File Include Vulnerability		886 \| 0
SSV-19806	2010-06-17		Nakid CMS "core[system_path]" File Inclusion Vulnerability		837 \| 0
SSV-19789	2010-06-12		Parallels System Automation (PSA) Local File Inclusion		889 \| 0
SSV-19732	2010-06-03		e107 0.7.21 remote file inclusion Vulnerabilities		1231 \| 0
SSV-19730	2010-06-03		phpGraphys 0.9.13 and below Remote File Inclusion Vulnerability		832 \| 0
SSV-19728	2010-06-03		Joomla component SimpleDownload Local File Inclusion		952 \| 0
SSV-19713	2010-05-31		Symphony CMS Local File Inclusion Vulnerability		926 \| 0
SSV-19698	2010-05-28		Joomla Component MediQnA LFI vulnerability		952 \| 0
SSV-19690	2010-05-25		Joomla Component BeeHeard Lite Local File Inclusion Vulnerability		934 \| 0
SSV-19668	2010-05-21		phpGroupWare app参数本地文件包含漏洞		1102 \| 0

1
2
3
4
5
6
...
22