Vulnerabilities > CVE-2020-27191 - Unspecified vulnerability in Lionwiki

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

lionwiki

NVD

Published: 2020-11-16

Updated: 2024-11-21

Summary

LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Vulnerable Configurations

Part	Description	Count
Application	Lionwiki Lionwiki Lionwiki - Lionwiki Lionwiki 3.2.8 Lionwiki Lionwiki 3.2.9 Lionwiki Lionwiki 3.2.10 Lionwiki Lionwiki 3.2.11	5

References

http://lionwiki.0o.cz/index.php?page=Main+page
http://lionwiki.0o.cz/index.php?page=Main+page
https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi
https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi