Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-35173
The Amaze File Manager application prior to 3.4.2 for Android does not properly restrict intents for controlling the FTP server (aka services.ftpservice.FTPReceiver.ACTION_START_FTPSERVER and services.ftpservice.FTPReceiver.ACTION_STOP_FTPSERVER).
Amaze File Manager Project Amaze File Manager
6.4
CVSSv2
CVE-2022-31527
The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Flask-file-server Project Flask-file-server
6.8
CVSSv2
CVE-2018-20616
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c.
Ok-file-formats Project Ok-file-formats
6.8
CVSSv2
CVE-2018-20617
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.
Ok-file-formats Project Ok-file-formats
6.8
CVSSv2
CVE-2018-20618
ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.
Ok-file-formats Project Ok-file-formats
7.5
CVSSv2
CVE-2017-8297
A path traversal vulnerability exists in simple-file-manager prior to 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component).
Simple-file-manager Project Simple-file-manager
7.5
CVSSv2
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
Jquery File Upload Project Jquery File Upload
3 EDB exploits
7 Github repositories
5
CVSSv2
CVE-2020-24144
Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items[] parameter in a move operation.
Media File Organizer Project Media File Organizer 1.0.1
NA
CVE-2023-27245
A cross-site scripting (XSS) vulnerability in File Management Project 1.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module.
File Management System Project File Management System 1.0.0
NA
CVE-2023-3784
A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched r...
Wifi File Explorer Project Wifi File Explorer 1.13.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »