Security for everyone

CVE-2020-27191 Scanner

Detects 'Local File Inclusion (LFI)' vulnerability in LionWiki affects v. before 3.2.12.

SCAN NOW

Short Info


Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

CVE-2020-27191 Scanner Detail

LionWiki is a lightweight, open-source content management system that allows users to create and manage their own wiki websites. Developed in PHP, this software package is easy to install, lightweight, and doesn't require a database. LionWiki is used by individuals, businesses, schools, and non-profit organizations to create wikis and share knowledge across their community.

Recently, a vulnerability has been detected in LionWiki – CVE-2020-27191. This Local File Inclusion allows an unauthenticated user to read files as the web server user by injecting a crafted string in the index.php f1 variable. This vulnerability only affects older versions of LionWiki that are no longer supported by the maintainer. In other words, those who are using the latest version of the software are not affected by this vulnerability.

If this vulnerability is exploited, the unauthenticated user can read and access sensitive information stored on the server. This includes important data such as user credentials, personal information, and confidential documents. It also opens up the possibility for hackers to execute arbitrary code that can have damaging consequences like file deletion, data corruption and more.

In conclusion, vulnerabilities in digital assets can have far-reaching consequences, and it is important to stay vigilant and take appropriate steps to protect against them. Securityforeveryone.com is a powerful platform that provides a comprehensive suite of pro features to identify and mitigate vulnerabilities in your digital assets quickly and easily. By using this platform, individuals and businesses can keep their data safe from new vulnerabilities like CVE-2020-27191 and other threats.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture