CVE-2020-27191
Published 2020-11-16
Priority: P3 · 57 · Severity: high · CVSS 3.1: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Flags: EXPLOIT
EPSS: 8.36% (percentile 94.3)
LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lionwiki | lionwiki | < 3.2.12 | 3.2.12 |
Detection & IOCs (extracted from sources)
- A successful LFI exploitation response will return HTTP 200 and contain the Unix passwd file pattern root:[x*]:0:0:
- The vulnerability is unauthenticated — no session or credentials are required to trigger the LFI via the f1 variable in index.php with action=edit and restore=1
- This vulnerability only affects LionWiki versions prior to 3.2.12, which is an end-of-life product no longer supported by the maintainer
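The two indicators listed above (a traversal string in the f1 parameter of index.php reached through action=edit and restore=1, and the root:[x*]:0:0: marker in a successful response) turned into detection logic that a defender can run over web-server access logs and captured response bodies. This is an added example, not code from the CVE record, the Nuclei template or the LionWiki project; the log lines are constructed in Apache/nginx combined format, and the indicator names and the sample revision value Main.1605520000 are assumptions.

```python
"""Detect CVE-2020-27191-style LFI attempts against LionWiki in access logs.

Added example: not from the CVE record, the Nuclei template or LionWiki.
Log lines, indicator names and the sample f1 values are constructed.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Apache/nginx "combined" log format (assumed); only the fields we need are named.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+)'
)

# Response marker from the Nuclei template: the root entry of /etc/passwd
# ("x" for shadowed passwords, "*" on some BSD-style systems).
PASSWD_RE = re.compile(r'root:[x*]:0:0:')


def decode_fully(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding so double-encoded
    sequences such as ..%252f are seen as ../ by the checks below."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_request(target):
    """Return indicator names for one request target, or [] if it looks benign.

    The edit/restore combination is only reported together with a path
    indicator: on its own it is the wiki's normal revision-restore flow."""
    parts = urlsplit(target)
    if not parts.path.endswith('index.php'):
        return []
    query = parse_qs(parts.query, keep_blank_values=True)
    f1 = query.get('f1')
    if not f1:
        return []
    value = decode_fully(f1[0])
    suspicious = []
    if '../' in value or '..\\' in value:
        suspicious.append('f1_traversal')
    if value.startswith('/'):
        suspicious.append('f1_absolute_path')
    if '\x00' in value:
        suspicious.append('f1_null_byte')
    if not suspicious:
        return []
    if query.get('action') == ['edit'] and query.get('restore') == ['1']:
        suspicious.append('edit_restore_path')
    return suspicious


def scan_log(lines):
    """Parse combined-format lines and return one hit per suspicious request."""
    hits = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match:
            continue  # malformed or non-combined line: skip rather than crash
        indicators = classify_request(match['target'])
        if indicators:
            hits.append({'ip': match['ip'], 'status': int(match['status']),
                         'target': match['target'], 'indicators': indicators})
    return hits


def response_leaked_passwd(body):
    """True when a response body carries the /etc/passwd root-entry marker."""
    return PASSWD_RE.search(body) is not None


# Constructed sample log: one normal edit, two traversal attempts (plain and
# double-encoded), and one legitimate revision restore with an assumed f1 value.
SAMPLE_LOG = [
    '10.0.0.5 - - [16/Nov/2020:10:00:01 +0000] "GET /index.php?page=Main&action=edit HTTP/1.1" 200 2311',
    '203.0.113.7 - - [16/Nov/2020:10:00:02 +0000] "GET /index.php?page=Main&action=edit&restore=1&f1=../../../../etc/passwd HTTP/1.1" 200 1780',
    '203.0.113.7 - - [16/Nov/2020:10:00:03 +0000] "GET /index.php?page=Main&action=edit&restore=1&f1=..%252f..%252f..%252fetc%252fpasswd HTTP/1.1" 200 1780',
    '10.0.0.5 - - [16/Nov/2020:10:00:04 +0000] "GET /index.php?page=Main&action=edit&restore=1&f1=Main.1605520000 HTTP/1.1" 200 2311',
]

if __name__ == '__main__':
    for hit in scan_log(SAMPLE_LOG):
        print(hit['ip'], hit['status'], ','.join(hit['indicators']), hit['target'])
```

A 200 status on a flagged request is not proof of a successful read; pair the log hit with `response_leaked_passwd` on the body (from a proxy or WAF capture) before treating it as a confirmed exposure, and note that the legitimate restore request is deliberately not reported.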
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| NVD | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
No detection rules found.
Nuclei
CVE-2020-27191 [HIGH] LionWiki <3.2.12 - Local File Inclusion (nuclei · CVSS 7.5)
Template:
```yaml
id: CVE-2020-27191
info:
  name: LionWiki <3.2.12 - Local File Inclusion
  author: 0x_Akoko
  severity: high
  description: LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion.
  impact: |
    An attacker can exploit this vulnerability to access sensitive information, such as configuration files, credentials, or other sensitive data.
  remediation: |
    Upgrade LionWiki to version 3.2.12 or later to mitigate the LFI vulnerability.
  reference:
    - https://www.junebug.site/blog/cve-20
```
Nuclei
CVE-2020-27361 [HIGH] Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure (nuclei · CVSS 7.5)
Template:
```yaml
id: CVE-2020-27361
info:
  name: Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure
  author: gy741
  severity: high
  description: Akkadian Provisioning Manager 4.50.02 could allow viewing of sensitive information within the /pme subdirectories.
  impact: |
    An attacker can exploit this vulnerability to gain access to sensitive information, potentially leading to further attacks.
  remediation: |
    Apply the latest patch or upgrade to a newer version of Akkadian Provisioning Manager to fix the vulnerability.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2020-27191
  classification:
```