Bleeping Computer

File Inclusion Bug in Kibana Console for Elasticsearch Gets Exploit Code

Exploit code has been published for a local file inclusion (LFI) type of vulnerability affecting the Console plugin in Kibana data visualization tool for Elasticsearch; an attacker could use this to ...
Computerworld

Using darkjumper to test for remote file inclusion

File inclusion is a real threat in the wild today. We are seeing newly vulnerable and compromised hosts on a regular basis from the HITME data, and seeing that Apache ships with a default ...