Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4931
Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party
Php-fusion Php-fusion -
1 EDB exploit
NA
CVE-2008-0742
Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote malicious users to read and include arbitrary files via a .. (dot dot) in the (1) subpage parameter in (a) categories.inc.php, (b) news.inc.php, (c) other.inc.php, (d) permissions.inc.php, (...
Powerscripts Powernews 2.5.6
1 EDB exploit
NA
CVE-2007-5684
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and previous versions allow remote malicious users to include and execute arbitrary files via an absolute pathname in (1) error_handler_file and (2) local_php parameters to (a) tiki-index.php, or (3) encoded "....
Tiki Tikiwiki Cms/groupware
Tiki Tikiwiki Cms/groupware 1.9.4
Tiki Tikiwiki Cms/groupware 1.9.0
Tiki Tikiwiki Cms/groupware 1.9.3
Tiki Tikiwiki Cms/groupware 1.6.1
Tiki Tikiwiki Cms/groupware 1.9.5
Tiki Tikiwiki Cms/groupware 1.9.8
Tiki Tikiwiki Cms/groupware 1.9.6
Tiki Tikiwiki Cms/groupware 1.9.2
Tiki Tikiwiki Cms/groupware 1.9.1
Tiki Tikiwiki Cms/groupware 1.9.7
1 EDB exploit
NA
CVE-2009-0330
Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Wss-pro Scms 1
1 EDB exploit
NA
CVE-2007-1232
Directory traversal vulnerability in SQLiteManager 1.2.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in a SQLiteManager_currentTheme cookie.
Sqlite Manager Sqlite Manager 1.2
1 EDB exploit
NA
CVE-2009-0286
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter.
Opengoo Opengoo 1.1
1 EDB exploit
NA
CVE-2009-0422
Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and previous versions, when register_globals is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] paramet...
Tincan Phplist 2.4.0
Tincan Phplist 2.5.6
Tincan Phplist 2.10.6
Tincan Phplist 2.10.3
Tincan Phplist 1.6.1
Tincan Phplist 2.8.2
Tincan Phplist 1.9.0
Tincan Phplist 2.5.5
Tincan Phplist 1.6.0
Tincan Phplist 1.9.3
Tincan Phplist 1.6.3
Tincan Phplist 2.6.3
Tincan Phplist 2.1.0
Tincan Phplist 2.9.4
Tincan Phplist 2.3.1
Tincan Phplist 2.6.5
Tincan Phplist 2.9.3
Tincan Phplist 1.6.4
Tincan Phplist 2.6
Tincan Phplist 2.1.4
Tincan Phplist 2.5.7
Tincan Phplist 2.6.0
1 EDB exploit
NA
CVE-2008-5819
Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third...
Edreamers Ednews 2.0
1 EDB exploit
NA
CVE-2010-2850
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions prior to 10.07.12, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.
Nusoftware Nubuilder
Nusoftware Nubuilder 09.06.26
Nusoftware Nubuilder 09.07.24
Nusoftware Nubuilder 09.08.20
Nusoftware Nubuilder 09.09.23
Nusoftware Nubuilder 09.06.10
1 EDB exploit
NA
CVE-2008-2672
Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and previous versions, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) ewiki_id and (2) ewiki_action parameters to fragments...
Erfurtwiki Erfurtwiki
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »