Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-2616
Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote malicious users to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php.
Ezupload Ezupload 2.2
4 EDB exploits
7.5
CVSSv2
CVE-2006-4063
Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_blog_infochannel.inc.php, (b) usr/extensions/get...
Csaba Godor Sapid Blog Beta 2 Initial
4 EDB exploits
4.3
CVSSv2
CVE-2009-4699
Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/auth.php and (2) file_uploader.php.
Skadate Skadate Online Dating Software 6.0
Skadate Skadate Online Dating Software 6.482
Skadate Skadate Online Dating Software
Skadate Skadate Online Dating Software 5.0
1 EDB exploit
5
CVSSv2
CVE-2009-4700
Directory traversal vulnerability in index.php in SkaDate Dating allows remote malicious users to read arbitrary files via a .. (dot dot) in the layout parameter.
Skadate Skadate Online Dating Software 5.0
Skadate Skadate Online Dating Software
Skadate Skadate Online Dating Software 6.482
Skadate Skadate Online Dating Software 6.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-0596
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
6.8
CVSSv2
CVE-2009-4543
PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote malicious users to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. ...
Cromosoft Facil Helpdesk 2.3
1 EDB exploit
5
CVSSv2
CVE-2014-6308
Directory traversal vulnerability in OSClass prior to 3.4.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php.
Osclass Osclass
Osclass Osclass 3.4.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-2218
Multiple PHP remote file inclusion vulnerabilities in phpCollegeExchange 0.1.5c, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the home parameter to (1) i_head.php, (2) i_nav.php, (3) user_new_2.php, or (4) house/myrents...
David Degner Phpcollegeexchange 0.1.5c
1 EDB exploit
4.3
CVSSv2
CVE-2009-2219
Multiple cross-site scripting (XSS) vulnerabilities in phpCollegeExchange 0.1.5c allow remote malicious users to inject arbitrary web script or HTML via the (1) _SESSION[handle] parameter to (a) home.php, (b) books/allbooks.php, or (c) books/home.php; or the (2) home parameter to...
David Degner Phpcollegeexchange 0.1.5c
1 EDB exploit
4.3
CVSSv2
CVE-2009-0594
Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Apmuthu Phpskelsite 1.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »