Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2022-31527
The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Flask-file-server Project Flask-file-server
8.8
CVSSv3
CVE-2018-20616
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c.
Ok-file-formats Project Ok-file-formats
8.8
CVSSv3
CVE-2018-20617
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.
Ok-file-formats Project Ok-file-formats
8.8
CVSSv3
CVE-2018-20618
ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.
Ok-file-formats Project Ok-file-formats
7.8
CVSSv3
CVE-2021-32263
ok-file-formats through 2021-04-29 has a heap-based buffer overflow in the ok_csv_circular_buffer_read function in ok_csv.c.
Ok-file-formats Project Ok-file-formats
8.8
CVSSv3
CVE-2021-28233
Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the ok_jpg_generate_huffman_table function in ok_jpg.c.
Ok-file-formats Project Ok-file-formats -
8.8
CVSSv3
CVE-2019-16790
In Tiny File Manager prior to 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
Tiny File Manager Project Tiny File Manager
8.8
CVSSv3
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
8.8
CVSSv3
CVE-2020-7998
An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service.
Super File Explorer Project Super File Explorer 1.0.1
1 Github repository
9.8
CVSSv3
CVE-2022-40721
Arbitrary file upload vulnerability in php uploader
Creativedream File Uploader Project Creativedream File Uploader 0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »