CVE-2019-11397
MEDIUMRapid4 RapidFlows Enterprise App <4.5M.23 - Local File Inclusion
Title source: llmDescription
GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter.
References (2)
Core 2
Core References
Product, Vendor Advisory, URL Repurposed x_refsource_misc
http://rapidflows.com/
Various Sources x_refsource_misc
https://medium.com/%40javarmutt/rapid4-local-file-inclusion-0day-151c830ac74a
Scores
CVSS v3
6.5
EPSS
0.0548
EPSS Percentile
91.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (2)
microsoft/.net_framework
4.5
rapidflows/rapid4
4.5m.23
Published
May 14, 2019
Tracked Since
Feb 18, 2026