Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2009-0330
Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Wss-pro Scms 1
1 EDB exploit
755
VMScore
CVE-2009-0422
Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and previous versions, when register_globals is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] paramet...
Tincan Phplist 2.7.2
Tincan Phplist 2.8.2
Tincan Phplist 2.10.6
Tincan Phplist 2.10.7
Tincan Phplist 2.6.0
Tincan Phplist 2.5.8
Tincan Phplist 2.5.0
Tincan Phplist 2.4.0
Tincan Phplist 2.2.1
Tincan Phplist 2.2.0
Tincan Phplist 1.9.1
Tincan Phplist 1.9.0
Tincan Phplist 2.8.12
Tincan Phplist 2.10.1
Tincan Phplist 2.8.7
Tincan Phplist 2.6.4
Tincan Phplist 2.5.7
Tincan Phplist 2.5.6
Tincan Phplist 2.3.4
Tincan Phplist 2.4.7
Tincan Phplist 2.1.4
Tincan Phplist 2.1.3
1 EDB exploit
685
VMScore
CVE-2010-0958
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some o...
Thomas Perez Tribisur
Thomas Perez Tribisur 2.0
1 EDB exploit
505
VMScore
CVE-2014-5115
Absolute path traversal vulnerability in DirPHP 1.0 allows remote malicious users to read arbitrary files via a full pathname in the phpfile parameter to index.php.
Dirphp Project Dirphp 1.0
1 EDB exploit
685
VMScore
CVE-2011-0405
Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via directory traversal sequences in the pgvaction parameter.
Phpgedview Phpgedview 4.2.3
1 EDB exploit
685
VMScore
CVE-2011-0506
Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote malicious users to execute arbitrary code via a .. (dot dot) in the aXconf[default_language] parameter.
Tsixm Axdcms 0.1.1
1 EDB exploit
685
VMScore
CVE-2009-3534
Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the page parameter.
Lionwiki Lionwiki 3.0.3
1 EDB exploit
755
VMScore
CVE-2012-4997
Directory traversal vulnerability in acp/index.php in AneCMS allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Anecms Anecms -
Anecms Anecms 2e2c583
1 EDB exploit
685
VMScore
CVE-2010-2850
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions prior to 10.07.12, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.
Nusoftware Nubuilder 09.09.23
Nusoftware Nubuilder 09.08.20
Nusoftware Nubuilder
Nusoftware Nubuilder 09.07.24
Nusoftware Nubuilder 09.06.26
Nusoftware Nubuilder 09.06.10
1 EDB exploit
685
VMScore
CVE-2010-4798
Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the uri parameter.
Orangehrm Orangehrm 2.6.0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »