Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-12593
IceWarp Mail Server up to and including 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
Icewarp Mail Server
1 EDB exploit
4.3
CVSSv2
CVE-2012-1669
Directory traversal vulnerability in index.php in phpMoneyBooks prior to 1.0.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
Phpmoneybooks Phpmoneybooks
1 EDB exploit
7.5
CVSSv2
CVE-2012-2227
Directory traversal vulnerability in update/index.php in PluXml prior to 5.1.6 allows remote malicious users to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter.
Pluxml Pluxml
1 EDB exploit
6.8
CVSSv2
CVE-2010-1920
Directory traversal vulnerability in scr/soustab.php in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to C...
Openmairie Openannuaire 2.00
1 EDB exploit
6.8
CVSSv2
CVE-2010-1921
Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the path_om parameter to (1) annuaire.class.php, (2) droit.class.php, (3) collectivite.cla...
Openmairie Openannuaire 2.00
1 EDB exploit
4
CVSSv2
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to downloadgz-ajaxprocessor.jsp.
Wso2 Carbon 4.4.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-6196
Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT EasySite 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in the EASYSITE_BASE parameter to (1) browser.php, (2) image_editor.php and (3) skin_chooser.php in configuration/. NOTE: the p...
Philippe Crochat Easysite 2.0
3 EDB exploits
7.5
CVSSv2
CVE-2003-1240
PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote malicious users to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php.
Cutephp Cutenews 0.88
3 EDB exploits
9.3
CVSSv2
CVE-2007-4235
Multiple PHP remote file inclusion vulnerabilities in VietPHP allow remote malicious users to execute arbitrary PHP code via a URL in (1) the dirpath parameter to (a) _functions.php, or (2) the language parameter to (b) admin/index.php or (c) index.php.
Vietphp Vietphp
3 EDB exploits
5
CVSSv2
CVE-2014-6308
Directory traversal vulnerability in OSClass prior to 3.4.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php.
Osclass Osclass
Osclass Osclass 3.4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »