Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file browser vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2022-27176
Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions (when using 'File Sanitization Option'), and RevoWorks Desktop 2.1.84 and pr...
Jscom Revoworks Scvx
Jscom Revoworks Desktop
Jscom Revoworks Browser
NA
CVE-2023-32715
In the Splunk App for Lookup File Editing versions below 4.0.1, a user can insert potentially malicious JavaScript code into the app, which causes that code to run on the user’s machine. The app itself does not contain the potentially malicious JavaScript code. The vulnerab...
Splunk Splunk App For Lookup File Editing
9.3
CVSSv2
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
45 Github repositories
3 Articles
6.4
CVSSv2
CVE-2002-2311
Microsoft Internet Explorer 6.0 and possibly others allows remote malicious users to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that th...
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Opera Software Opera Web Browser 6.0.1
Microsoft Internet Explorer 5.0.1
4.3
CVSSv2
CVE-2017-12265
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected devic...
Cisco Adaptive Security Appliance -
7.5
CVSSv2
CVE-2008-3402
Multiple PHP remote file inclusion vulnerabilities in HIOX Browser Statistics (HBS) 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in the hm parameter to (1) hioxupdate.php and (2) hioxstats.php.
Hscripts Hiox Random Ad 2.0
1 EDB exploit
3.5
CVSSv2
CVE-2016-1566
Cross-site scripting (XSS) vulnerability in the file browser in Guacamole 0.9.8 and 0.9.9, when file transfer is enabled to a location shared by multiple users, allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename. NOTE: this vulnerabili...
Apache Guacamole 0.9.9
Apache Guacamole 0.9.8
NA
CVE-2015-0849
pycode-browser: CVE-2015-0849: predictable temporary file vulnerability
10
CVSSv2
CVE-2011-4908
TinyBrowser plugin for Joomla! prior to 1.5.13 allows arbitrary file upload via upload.php.
Tiny Tinybrowser
2 EDB exploits
6.4
CVSSv2
CVE-2004-0760
Mozilla allows remote malicious users to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
Mozilla Mozilla
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »