Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
5
CVSSv2
CVE-2019-5447
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows malicious users to list files in arbitrary folders.
Http-file-server Project Http-file-server
4.3
CVSSv2
CVE-2020-23706
A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_subsequent_scan() ok_jpg.c:1102 of ok-file-formats through 2020-06-26 allows malicious users to cause a Denial of Service (DOS) via a crafted jpeg file.
Ok-file-formats Project Ok-file-formats
4.3
CVSSv2
CVE-2020-23707
A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows malicious users to cause a Denial of Service (DOS) via a crafted jpeg file.
Ok-file-formats Project Ok-file-formats
6.8
CVSSv2
CVE-2014-5199
Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) prior to 2.4.2 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: s...
Wordpress File Upload Project Wordpress File Upload
7.5
CVSSv2
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
Jquery File Upload Project Jquery File Upload
3 EDB exploits
7 Github repositories
6.8
CVSSv2
CVE-2021-28233
Heap-based Buffer Overflow vulnerability exists in ok-file-formats 1 via the ok_jpg_generate_huffman_table function in ok_jpg.c.
Ok-file-formats Project Ok-file-formats -
5
CVSSv2
CVE-2018-19040
The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
4.3
CVSSv2
CVE-2018-19041
The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
5
CVSSv2
CVE-2018-19042
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »