CVE-2024-56230

HIGH Year: 2024
CVSS v3 Score
7.5
High
Weakness Type
CWE-98
View all →

Vulnerability Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dynamic Web Lab Dynamic Product Category Grid, Slider for WooCommerce allows PHP Local File Inclusion.This issue affects Dynamic Product Category Grid, Slider for WooCommerce: from n/a through 1.1.3.

Related Vulnerabilities

CVE-2016-6565

HIGH
CVSS:7.5(High)

The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to...

CWE-982016

CVE-2019-5479

HIGH
CVSS:7.5(High)

An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file).

CWE-982019

CVE-2020-13175

HIGH
CVSS:7.5(High)

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local fil...

CWE-982020

CVE-2022-41547

HIGH
CVSS:7.5(High)

Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to re...

CWE-982022

CVE-2022-44786

HIGH
CVSS:7.5(High)

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This aff...

CWE-982022

CVE-2023-31716

HIGH
CVSS:7.5(High)

FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log

CWE-982023