Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-0820
Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote malicious users to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of ...
Cedric Claire Portailphp 2
4 EDB exploits
7.5
CVSSv2
CVE-2006-5021
Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the root parameter in imgen.php, and the root_path parameter in (2) admin/config.php, (3) common.php, and (4) admin/index.php. NOTE...
Redblog Redblog 0.5
4 EDB exploits
6.8
CVSSv2
CVE-2007-2199
PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1.3.1 for Vincent Blavet PhpConcept Library, as used in multiple products including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLOR...
Nx N X Wcms 4.5
Joomla Joomla 1.5.0
Cjg Explorer Pro Cjg Explorer Pro 3.3
Phpsitebackup Phpsitebackup 0.1
3 EDB exploits
7.5
CVSSv2
CVE-2006-3175
Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote malicious users to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects...
Mcguestbook Mcguestbook 1.3
3 EDB exploits
4
CVSSv2
CVE-2006-2685
PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and previous versions, with register_globals enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_s...
Kevin Johnson Basic Analysis And Security Engine 1.2.2
Kevin Johnson Basic Analysis And Security Engine 1.2.4
Kevin Johnson Basic Analysis And Security Engine 1.2.0
Kevin Johnson Basic Analysis And Security Engine 1.2.1
3 EDB exploits
5
CVSSv2
CVE-2018-19246
PHP-Proxy 5.1.0 allows remote malicious users to read local files if the default "pre-installed version" (intended for users who lack shell access to their web server) is used. This occurs because the aeb067ca0aa9a3193dce3a7264c90187 app_key value from the default confi...
Php-proxy Php-proxy 5.1.0
1 EDB exploit
2 Github repositories
7.5
CVSSv2
CVE-2008-6408
PHP remote file inclusion vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote malicious users to execute arbitrary PHP code via a URL in the framefile parameter.
Brian Wilson Ol\\'bookmarks 0.7.5
1 EDB exploit
6.8
CVSSv2
CVE-2008-2978
Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the prefix parameter.
Ourvideocms Ourvideo Cms 9.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-2977
Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 allow remote malicious users to execute arbitrary PHP code via a URL in the include_connection parameter to (1) edit_top_feature.php and (2) edit_topics_feature.php in phpi/.
Ourvideo Cms Ourvideo Cms 9.5
1 EDB exploit
4.3
CVSSv2
CVE-2008-2979
Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameters.
Ourvideo Cms Ourvideo Cms 9.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »