Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory pro vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2017-2214
Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an malicious user to execute arbitrary code via a specially crafted executable file in an unspecified directory.
Jiransoft Appcheck
Jiransoft Appcheck Pro
6.5
CVSSv2
CVE-2008-4602
Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter.
Qualityunit Post Affiliate Pro 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2012-5185
Directory traversal vulnerability in the Olive Toast Documents Pro File Viewer (formerly Files HD) app prior to 1.11.1 for iOS allows remote malicious users to read or delete files by leveraging guest access.
Olivetoast Documents Pro File Viewer
7.5
CVSSv2
CVE-2006-6694
Directory traversal vulnerability in include/config.php in E-Uploader Pro 1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a .. (dot dot) in the language parameter, as demonstrated by uploading a .JPG file containing PHP code, then accessi...
Scriptsfrenzy.com E-uploader Pro 1.0
1 EDB exploit
5.1
CVSSv2
CVE-2006-4721
Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote malicious users to read and execute arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the language Cookie parameter, as demonstrated by executing PHP ...
Ccleague Pro Sports Cms 1.0.1 Rc1
1 EDB exploit
6.8
CVSSv2
CVE-2021-26293
An issue exists in AfterLogic Aurora up to and including 8.5.3 and WebMail Pro up to and including 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an executable file under the web root). This is related to DAVServer.php in 8.x and DAV/Serve...
Afterlogic Aurora
Afterlogic Webmail Pro
1 Github repository
5
CVSSv2
CVE-2021-26294
An issue exists in AfterLogic Aurora up to and including 7.7.9 and WebMail Pro up to and including 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/...
Afterlogic Aurora
Afterlogic Webmail Pro
2 Github repositories
NA
CVE-2023-26918
Diasoft File Replication Pro 7.5.0 allows malicious users to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.
Filereplicationpro File Replication Pro 7.5.0
4.6
CVSSv2
CVE-2014-8397
Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed.
Corel Fastflick
Corel Videostudio Pro X7
4.6
CVSSv2
CVE-2008-6502
Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remote authenticated users to select an arbitrary local PHP script as an avatar via a .. (dot dot) in the avatar parameter, and cause other users to execute this script by using sendData.php to send a message to (1)...
Prochatrooms Pro Chat Rooms 3.0.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »