Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2010-0958
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some o...
Thomas Perez Tribisur
Thomas Perez Tribisur 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-1043
Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Jaxcms Jaxcms 1.0
1 EDB exploit
NA
CVE-2022-34125
front/icon.send.php in the CMDB plugin prior to 3.0.3 for GLPI allows malicious users to gain read access to sensitive information via a _log/ pathname in the file parameter.
Glpi-project Cmdb
7.5
CVSSv2
CVE-2008-4522
Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.
Jesse-web Jmweb Mp3 Music Audio Search And Download Script
1 EDB exploit
6.8
CVSSv2
CVE-2010-1999
Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to...
Openmairie Opencatalogue 1.024
1 EDB exploit
6.8
CVSSv2
CVE-2008-6522
Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote malicious users to list arbitrary directories and read arbitrary files via a .. (dot dot) in the ...
Devraj Mukherjee Openterracotta 0.6.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-5684
Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and previous versions allow remote malicious users to include and execute arbitrary files via an absolute pathname in (1) error_handler_file and (2) local_php parameters to (a) tiki-index.php, or (3) encoded "....
Tiki Tikiwiki Cms\\/groupware 1.9.4
Tiki Tikiwiki Cms\\/groupware 1.9.2
Tiki Tikiwiki Cms\\/groupware 1.9.8
Tiki Tikiwiki Cms\\/groupware 1.9.7
Tiki Tikiwiki Cms\\/groupware 1.9.6
Tiki Tikiwiki Cms\\/groupware 1.9.5
Tiki Tikiwiki Cms\\/groupware 1.9.0
Tiki Tikiwiki Cms\\/groupware 1.9.3
Tiki Tikiwiki Cms\\/groupware 1.9.1
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
1 EDB exploit
7.5
CVSSv2
CVE-2015-3648
Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace prior to 7.2.6727 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the defaultlanguage parameter.
Montala Resourcespace
6.8
CVSSv2
CVE-2008-5818
Directory traversal vulnerability in index.php in eDreamers eDContainer 2.22, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third ...
Edreamers Edcontainer 2.22
1 EDB exploit
6.8
CVSSv2
CVE-2008-6271
Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the content parameter.
Tbmnet Tbmnetcms 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
8
9
10
NEXT »