CVE-2024-52385

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-98
View all →

Vulnerability Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Sk. Abul Hasan Team Member.This issue affects Team Member: from n/a through 7.3.

Related Vulnerabilities

CVE-2021-29113

MEDIUM
CVSS:4.7(Medium)

A remote file inclusion vulnerability in the ArcGIS Server help documentation may allow a remote, unauthenticated attacker to inject attacker supplied html into a page.

CWE-982021

CVE-2020-5295

MEDIUM
CVSS:4.9(Medium)

In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is...

CWE-982020

CVE-2023-23565

MEDIUM
CVSS:4.9(Medium)

An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to retrieve PHP files from the server via Local File Inclusion.

CWE-982023

CVE-2023-49031

MEDIUM
CVSS:5.1(Medium)

Directory Traversal (Local File Inclusion) vulnerability in Tikit (now Advanced) eMarketing platform 6.8.3.0 allows a remote attacker to read arbitrary files and obtain sensitive information via a cra...

CWE-982023

CVE-2024-52386

MEDIUM
CVSS:5.3(Medium)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Business Directory Team by RadiusTheme Classified Listing classified-listing al...

CWE-982024

CVE-2015-6461

MEDIUM
CVSS:5.4(Medium)

Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP3...

CWE-982015