Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project file vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-23707
A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows malicious users to cause a Denial of Service (DOS) via a crafted jpeg file.
Ok-file-formats Project Ok-file-formats
6.8
CVSSv2
CVE-2021-28233
Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the ok_jpg_generate_huffman_table function in ok_jpg.c.
Ok-file-formats Project Ok-file-formats -
7.2
CVSSv2
CVE-2020-36246
Amaze File Manager prior to 3.5.1 allows malicious users to obtain root privileges via shell metacharacters in a symbolic link.
Amaze File Manager Project Amaze File Manager
6.8
CVSSv2
CVE-2021-32263
ok-file-formats through 2021-04-29 has a heap-based buffer overflow in the ok_csv_circular_buffer_read function in ok_csv.c.
Ok-file-formats Project Ok-file-formats
4.3
CVSSv2
CVE-2018-3726
crud-file-server node module prior to 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
Crud-file-server Project Crud-file-server
NA
CVE-2022-4764
The Simple File Downloader WordPress plugin up to and including 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stor...
Simple File Downloader Project Simple File Downloader
7.5
CVSSv2
CVE-2017-8297
A path traversal vulnerability exists in simple-file-manager prior to 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component).
Simple-file-manager Project Simple-file-manager
9
CVSSv2
CVE-2020-7998
An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service.
Super File Explorer Project Super File Explorer 1.0.1
1 Github repository
5
CVSSv2
CVE-2018-19043
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
5
CVSSv2
CVE-2018-19040
The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »