{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T05:49:27.558","vulnerabilities":[{"cve":{"id":"CVE-2020-27191","sourceIdentifier":"cve@mitre.org","published":"2020-11-16T16:15:14.837","lastModified":"2024-11-21T05:20:50.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."},{"lang":"es","value":"LionWiki versiones anteriores a 3.2.12, permite a un usuario no autenticado leer archivos como usuario del servidor web por medio de una cadena diseñada en la variable f1 del archivo index.php, también se conoce como Inclusión de Archivo Local. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no son compatibles con el mantenedor"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lionwiki:lionwiki:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.12","matchCriteriaId":"A768A9CC-092E-469B-A7CE-585377034E98"}]}]}],"references":[{"url":"http://lionwiki.0o.cz/index.php?page=Main+page","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://lionwiki.0o.cz/index.php?page=Main+page","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}