CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-27191

LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.745

EPSS Ranking 98.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://lionwiki.0o.cz/index.php?page=Main+page
https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi
http://lionwiki.0o.cz/index.php?page=Main+page
https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi

Products affected by CVE-2020-27191

Lionwiki » Lionwiki » Version: N/A

cpe:2.3:a:lionwiki:lionwiki:-
Lionwiki » Lionwiki » Version: 3.2.10

cpe:2.3:a:lionwiki:lionwiki:3.2.10
Lionwiki » Lionwiki » Version: 3.2.11

cpe:2.3:a:lionwiki:lionwiki:3.2.11
Lionwiki » Lionwiki » Version: 3.2.8

cpe:2.3:a:lionwiki:lionwiki:3.2.8
Lionwiki » Lionwiki » Version: 3.2.9

cpe:2.3:a:lionwiki:lionwiki:3.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27191

Products

Pricing

Contact Us