Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4809
Directory traversal vulnerability in thumbnail.ghp in Easy File Sharing (EFS) Web Server 4.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in the vfolder parameter.
Sharing-file Easy File Sharing Web Server 4.8
8.6
CVSSv3
CVE-2020-24144
Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items[] parameter in a move operation.
Media File Organizer Project Media File Organizer 1.0.1
9.8
CVSSv3
CVE-2022-40721
Arbitrary file upload vulnerability in php uploader
Creativedream File Uploader Project Creativedream File Uploader 0.3
6.5
CVSSv3
CVE-2022-45475
Tiny File Manager version 2.4.8 allows an unauthenticated remote malicious user to access the application's internal files. This is possible because the application is vulnerable to broken access control.
Tiny File Manager Project Tiny File Manager 2.4.8
9.8
CVSSv3
CVE-2022-45476
Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload.
Tiny File Manager Project Tiny File Manager 2.4.8
6.1
CVSSv3
CVE-2018-19041
The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
5.3
CVSSv3
CVE-2018-19042
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
5.3
CVSSv3
CVE-2018-19043
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
5.4
CVSSv3
CVE-2023-3784
A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched r...
Wifi File Explorer Project Wifi File Explorer 1.13.3
7.5
CVSSv3
CVE-2020-22550
Veno File Manager 3.5.6 is affected by a directory traversal vulnerability. Using the traversal allows an malicious user to download sensitive files from the server.
Veno File Manager Project Veno File Manager 3.5.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »