Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2616
Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote malicious users to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php.
Ezupload Ezupload 2.2
4 EDB exploits
NA
CVE-2008-2905
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramet...
Mambo Mambo 4.5.1.3
Mambo Mambo 4.5.1 1.0.9
Mambo Mambo 4.5.3h
Mambo Mambo 4.5.4
Mambo Mambo 4.6.1
Mambo Mambo 4.6.2
Mambo Mambo 4.0.14
Mambo Mambo 4.5.1a
Mambo Mambo 4.5.2
Mambo Mambo 4.5.2.1
Mambo Mambo 4.5 1.0.2
Mambo Mambo 4.5 1.0.3 Beta
Mambo Mambo 4.5.1 Beta
Mambo Mambo 4.5.1 Beta2
Mambo Mambo 4.5 1.0.0
Mambo Mambo 4.5 1.0.1
Mambo Mambo 4.6.4
Mambo Mambo 4.5
Mambo Mambo 4.5.0.2
Mambo Mambo 4.5.2.2
Mambo Mambo 4.5.2.3
Mambo Mambo 4.5 1.0.9
3 EDB exploits
NA
CVE-2006-4278
PHP remote file inclusion vulnerability in includes/layout/plain.footer.php in SportsPHool 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the mainnav parameter.
Sportsphool Sportsphool 1.0
2 EDB exploits
NA
CVE-2009-2219
Multiple cross-site scripting (XSS) vulnerabilities in phpCollegeExchange 0.1.5c allow remote malicious users to inject arbitrary web script or HTML via the (1) _SESSION[handle] parameter to (a) home.php, (b) books/allbooks.php, or (c) books/home.php; or the (2) home parameter to...
David Degner Phpcollegeexchange 0.1.5c
1 EDB exploit
NA
CVE-2014-6308
Directory traversal vulnerability in OSClass prior to 3.4.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php.
Osclass Osclass
Osclass Osclass 3.4.0
1 EDB exploit
NA
CVE-2009-4543
PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote malicious users to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. ...
Cromosoft Facil Helpdesk 2.3
1 EDB exploit
NA
CVE-2009-0596
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
NA
CVE-2002-1887
PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote malicious users to execute arbitrary PHP code via the l parameter.
Gregory Kokanosky Phpmynewsletter 0.6.10
2 EDB exploits
NA
CVE-2009-0594
Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Apmuthu Phpskelsite 1.4
1 EDB exploit
NA
CVE-2009-0595
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »