Bleeping Computer

File Inclusion Bug in Kibana Console for Elasticsearch Gets Exploit Code

Exploit code has been published for a local file inclusion (LFI) type of vulnerability affecting the Console plugin in Kibana data visualization tool for Elasticsearch; an attacker could use this to ...
Computerworld

Using darkjumper to test for remote file inclusion

Running again with the –help or -h switches will print the options to the menu. This tool has several helpful options that could help expedite the discovery of various attack vectors against the web ...