Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0595
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
NA
CVE-2009-2219
Multiple cross-site scripting (XSS) vulnerabilities in phpCollegeExchange 0.1.5c allow remote malicious users to inject arbitrary web script or HTML via the (1) _SESSION[handle] parameter to (a) home.php, (b) books/allbooks.php, or (c) books/home.php; or the (2) home parameter to...
David Degner Phpcollegeexchange 0.1.5c
1 EDB exploit
NA
CVE-2009-4543
PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote malicious users to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. ...
Cromosoft Facil Helpdesk 2.3
1 EDB exploit
NA
CVE-2009-4700
Directory traversal vulnerability in index.php in SkaDate Dating allows remote malicious users to read arbitrary files via a .. (dot dot) in the layout parameter.
Skadate Skadate Online Dating Software 5.0
Skadate Skadate Online Dating Software
Skadate Skadate Online Dating Software 6.482
Skadate Skadate Online Dating Software 6.0
1 EDB exploit
NA
CVE-2009-4739
PHP remote file inclusion vulnerability in index.php in SkaDate Dating allows remote malicious users to execute arbitrary PHP code via a URL in the language_id parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequenc...
Skadate Skadate Online Dating Software
1 EDB exploit
NA
CVE-2006-4477
Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote malicious users to execute arbitrary PHP code via an empty GLOBALS[rootdp] parameter and an ftps URL in the (1) GLOBALS[admin_home] parameter in (a) diary/event_list.php, (b) galler...
Visualshapers Ezcontents 2.0.3
10 EDB exploits
NA
CVE-2008-1466
Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 allow remote malicious users to execute arbitrary PHP code via a URL in the bn_dir_default parameter to (1) add_user.php, (2) create_forum.php, (3) create_user.php, (4) delete_notes.php, (5) delete_user.php, (6) ed...
W-agora W-agora 4.0
9 EDB exploits
NA
CVE-2008-6543
Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifieds/index.php3, and (5) classifieds/view.php3; (6) index.php3, (7) manager.php3, (8...
Comscripts Quick Classifieds 1.0
36 EDB exploits
NA
CVE-2006-3475
Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote malicious users to execute arbitrary PHP code via a URL in the qb_path parameter to (1) index.php, (2) about.php, (3) contact.php, (4) delete.php, (5) faq.php, (6) features.php or (7) history.php, ...
Free Qboard Free Qboard 1.1
7 EDB exploits
NA
CVE-2008-6066
Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 allow remote malicious users to execute arbitrary PHP code via a URL in the root_path parameter to (1) modules.php, (2) ManagerResource.class.php, (3) ManagerRightsResource.class.php, (4) RegForm.class.php, (5) Re...
Meet\\#web Meet\\#web 0.8
6 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »