Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0859
PHP remote file inclusion vulnerability in CzarNews 1.13b allows remote malicious users to execute arbitrary PHP code via the tpath parameter to (1) headlines.php or (2) news.php. NOTE: some sources have reported the "dir" parameter as being affected; however, this is l...
Czaries Network Czarnews 1.13b
2 EDB exploits
NA
CVE-2011-1099
Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls prior to 1.0.2 allow remote malicious users to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p par...
Focalmedia.net Quick Polls
1 EDB exploit
NA
CVE-2008-2980
Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2.10 RC2 allow remote malicious users to inject arbitrary web script or HTML via the (1) error_meldung parameter to admin/features/register/register.php, the (2) feature_language[ueberschrift] parameter to admin...
Homeph Design Homeph Design 2.10
1 EDB exploit
NA
CVE-2008-2981
PHP remote file inclusion vulnerability in admin/templates/template_thumbnail.php in HomePH Design 2.10 RC2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the thumb_template parameter.
Homeph Design Homeph Design 2.10
1 EDB exploit
NA
CVE-2008-2982
Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/templat...
Homeph Design Homeph Design 2.10
1 EDB exploit
NA
CVE-2009-4542
Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Isolsoft Support Center 2.5
1 EDB exploit
NA
CVE-2008-4718
Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156.
X7 Group X7 Chat 1.3.5b
X7 Group X7 Chat 1.3.4b
X7 Group X7 Chat 1.1.1b
X7 Group X7 Chat 1.0.0b
X7 Group X7 Chat
X7 Group X7 Chat 1.3.1b
X7 Group X7 Chat 1.3.0b
X7 Group X7 Chat 2.0.0
X7 Group X7 Chat 1.3.6
X7 Group X7 Chat 1.2.0b
X7 Group X7 Chat 1.1.2b
X7 Group X7 Chat 1.3.3b
X7 Group X7 Chat 1.3.2b
2 EDB exploits
NA
CVE-2015-8358
Directory traversal vulnerability in the bitrix.mpbuilder module prior to 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php...
Bitrix Mpbuilder
1 EDB exploit
NA
CVE-2006-4656
PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actua...
Web-provence Sl Site
2 EDB exploits
NA
CVE-2006-5291
PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third part...
Alex Downloadengine 1.4.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »