CVE-2024-0315

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-98
View all →

Vulnerability Description

Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnerability allows an attacker to upload a malicious PDF file to the system during the report creation process.

Related Vulnerabilities

CVE-2016-6565

HIGH
CVSS:7.5(High)

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to...

CWE-982016

CVE-2017-14095

HIGH
CVSS:8.1(High)

A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system...

CWE-982017

CVE-2019-5479

HIGH
CVSS:7.5(High)

An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file).

CWE-982019

CVE-2020-13175

HIGH
CVSS:7.5(High)

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local fil...

CWE-982020

CVE-2021-21804

HIGH
CVSS:8.1(High)

A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code e...

CWE-982021

CVE-2022-41547

HIGH
CVSS:7.5(High)

Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to re...

CWE-982022