Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2981
PHP remote file inclusion vulnerability in admin/templates/template_thumbnail.php in HomePH Design 2.10 RC2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the thumb_template parameter.
Homeph Design Homeph Design 2.10
1 EDB exploit
NA
CVE-2008-2982
Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/templat...
Homeph Design Homeph Design 2.10
1 EDB exploit
NA
CVE-2010-4330
Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic prior to 1.2.9 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter to index.php.
Pulsecms Pulse Cms
Pulsecms Pulse Cms 1.2.7
Pulsecms Pulse Cms 1.2
Pulsecms Pulse Cms 1.18
Pulsecms Pulse Cms 1.17
Pulsecms Pulse Cms 1.2.4
Pulsecms Pulse Cms 1.2.3
Pulsecms Pulse Cms 1.1
Pulsecms Pulse Cms 1.01
Pulsecms Pulse Cms 1.2.2
Pulsecms Pulse Cms 1.2.1
Pulsecms Pulse Cms 1.0
Pulsecms Pulse Cms 1.2.6
Pulsecms Pulse Cms 1.2.5
Pulsecms Pulse Cms 1.16
Pulsecms Pulse Cms 1.15
1 EDB exploit
NA
CVE-2009-4541
Multiple PHP remote file inclusion vulnerabilities in IsolSoft Support Center 2.5 allow remote malicious users to execute arbitrary PHP code via a URL in the lang parameter to (1) newticket.php or (2) rempass.php, or a URL in the lang parameter in an adduser action to (3) index.p...
Isolsoft Support Center 2.5
1 EDB exploit
NA
CVE-2007-4551
PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote malicious users to execute arbitrary PHP code via a URL in the loadpage parameter.
Agares Media Arcadem 2.0.1
2 EDB exploits
NA
CVE-2014-5465
Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and previous versions for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Werdswords Download Shortcode 0.2
Werdswords Download Shortcode 0.1
Werdswords Download Shortcode
Werdswords Download Shortcode 0.2.2
1 EDB exploit
NA
CVE-2006-5291
PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third part...
Alex Downloadengine 1.4.2
2 EDB exploits
NA
CVE-2015-8358
Directory traversal vulnerability in the bitrix.mpbuilder module prior to 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php...
Bitrix Mpbuilder
1 EDB exploit
NA
CVE-2009-4542
Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Isolsoft Support Center 2.5
1 EDB exploit
NA
CVE-2008-4718
Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156.
X7 Group X7 Chat 1.3.5b
X7 Group X7 Chat 1.3.4b
X7 Group X7 Chat 1.1.1b
X7 Group X7 Chat 1.0.0b
X7 Group X7 Chat
X7 Group X7 Chat 1.3.1b
X7 Group X7 Chat 1.3.0b
X7 Group X7 Chat 2.0.0
X7 Group X7 Chat 1.3.6
X7 Group X7 Chat 1.2.0b
X7 Group X7 Chat 1.1.2b
X7 Group X7 Chat 1.3.3b
X7 Group X7 Chat 1.3.2b
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »