bug-bounty504
google358
xss310
microsoft301
facebook265
rce221
exploit213
malware168
apple164
cve142
account-takeover116
bragging-post102
privilege-escalation98
csrf92
phishing86
browser80
writeup78
supply-chain69
authentication-bypass69
dos68
stored-xss65
ssrf57
reflected-xss57
reverse-engineering55
react54
access-control52
aws49
input-validation49
cross-site-scripting48
docker47
cloudflare47
lfi47
web-security46
node46
ctf45
sql-injection45
smart-contract45
ethereum44
web-application44
web343
defi43
oauth43
race-condition40
open-source39
auth-bypass39
pentest39
cloud38
idor37
burp-suite36
info-disclosure36
0
6/10
A Local File Inclusion (LFI) vulnerability was discovered in Apache Drill through improper handling of file paths in the query interface, allowing an attacker to read arbitrary files from the server by manipulating the dfs storage plugin configuration to access sensitive files like /etc/passwd.
local-file-inclusion
lfi
apache-drill
recon
file-inclusion
information-disclosure
directory-traversal
hackerone
bug-bounty
rce-potential
Apache Drill
HackerOne
Jobert Abma
Gujjuboy10x00
Shodan
crt.sh
0
7/10
vulnerability
A Local File Inclusion (LFI) vulnerability was discovered in Apigee portals where the SCSS @import directive could be abused to read arbitrary files on the server by referencing paths like /etc/shadow, with compilation errors exposing file contents. The vulnerability was patched by Google shortly after disclosure through their VRP.
Apigee
Google
Google VRP
Drupal 7
healthapix.apigee.io
sass-lang.com