Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web directory pro web directory pro vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2006-5905
Web Directory Pro allows remote malicious users to (1) backup the database and obtain the backup via a direct request to admin/backup_db.php or (2) modify configuration via a direct request to admin/options.php.
Web Directory Pro Web Directory Pro
5
CVSSv2
CVE-2018-10201
An issue exists in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. It is possible to read arbitrary files outside the root directory of the web server. This vulnerability could be exploited remotely by a crafted URL without credentials, with .../ or ....
Ncomputing Vspace Pro 10
Ncomputing Vspace Pro 11
1 EDB exploit
5
CVSSv2
CVE-2018-20470
An issue exists in Tyto Sahi Pro up to and including 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside malicious user to view contents of sensitive files.
Sahipro Sahi Pro
1 EDB exploit
NA
CVE-2022-43264
Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows malicious users to perform directory traversal and download arbitrary files via a crafted web request.
Guitar-pro Guitar Pro
9.3
CVSSv2
CVE-2008-6734
Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
Keller Web Admin Kwa 0.94
2 EDB exploits
6.8
CVSSv2
CVE-2021-26293
An issue exists in AfterLogic Aurora up to and including 8.5.3 and WebMail Pro up to and including 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an executable file under the web root). This is related to DAVServer.php in 8.x and DAV/Serve...
Afterlogic Aurora
Afterlogic Webmail Pro
1 Github repository
7.5
CVSSv2
CVE-2011-4835
Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote malicious users to access arbitrary files via unspecified vectors.
Homeseer Homeseer Hs2 2.5.0.20
1 EDB exploit
NA
CVE-2023-6114
The Duplicator WordPress plugin prior to 1.5.7.1, Duplicator Pro WordPress plugin prior to 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data...
Awesomemotive Duplicator
8.3
CVSSv2
CVE-2016-1524
Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and previous versions allow remote malicious users to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then a...
Netgear Prosafe Network Management Software 300
1 EDB exploit
1 Article
7.8
CVSSv2
CVE-2016-1525
Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and previous versions allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.
Netgear Prosafe Network Management Software 300 1.5.0.11
2 EDB exploits
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »