BestHub
Sign in
Tag

File Inclusion

0 views collected around this technical thread.

Laravel Tech Community
Laravel Tech Community
Dec 29, 2022 · Information Security

Security Vulnerability Analysis of XiongHai CMS 1.0

The article provides a detailed security analysis of the XiongHai CMS 1.0, describing its directory structure and exposing multiple vulnerabilities including file inclusion, SQL injection, XSS, and vertical privilege escalation, along with example exploit code.

CMSFile InclusionSQL injection
0 likes · 8 min read
Security Vulnerability Analysis of XiongHai CMS 1.0
macrozheng
macrozheng
Mar 3, 2020 · Information Security

Exploiting Apache Tomcat AJP File Inclusion (CVE‑2020‑1938) for Remote Code Execution

This article analyzes the high‑severity Apache Tomcat AJP file‑inclusion vulnerability (CVE‑2020‑1938), detailing affected versions, the underlying code flaw, how attackers can read arbitrary files and achieve remote code execution, and provides concrete upgrade recommendations to mitigate the risk.

AJPApache TomcatCVE-2020-1938
0 likes · 7 min read
Exploiting Apache Tomcat AJP File Inclusion (CVE‑2020‑1938) for Remote Code Execution
Architect's Tech Stack
Architect's Tech Stack
Feb 25, 2020 · Information Security

Analysis of Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) and Mitigation

The article details the high‑severity Apache Tomcat AJP file‑inclusion vulnerability (CVE‑2020‑1938), explains how it enables arbitrary file read and remote code execution on vulnerable Tomcat versions, and provides remediation steps including upgrading to patched releases.

AJPApache TomcatCVE-2020-1938
0 likes · 5 min read
Analysis of Apache Tomcat AJP File Inclusion Vulnerability (CVE-2020-1938) and Mitigation