Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
405
VMScore
CVE-2013-5757
Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
Yealink Sip-t38g -
1 EDB exploit
655
VMScore
CVE-2018-10260
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
Hrsale Project Hrsale 1.0.2
1 EDB exploit
685
VMScore
CVE-2010-2850
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions prior to 10.07.12, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.
Nusoftware Nubuilder 09.09.23
Nusoftware Nubuilder 09.08.20
Nusoftware Nubuilder
Nusoftware Nubuilder 09.07.24
Nusoftware Nubuilder 09.06.26
Nusoftware Nubuilder 09.06.10
1 EDB exploit
668
VMScore
CVE-2014-8084
Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass prior to 3.4.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.
Osclass Osclass
685
VMScore
CVE-2008-5819
Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third...
Edreamers Ednews 2.0
1 EDB exploit
755
VMScore
CVE-2008-5948
Directory traversal vulnerability in index.php in BNCwi 1.04 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter.
Bncwi Bncwi
Bncwi Bncwi 1.03
1 EDB exploit
755
VMScore
CVE-2008-5993
Directory traversal vulnerability in image.php in Barcode Generator 1D (barcodegen) 2.0.0 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the code parameter.
Barcodephp Barcodegen 1d 1.2.4
Barcodephp Barcodegen 1d
Barcodephp Barcodegen 1d 1.3.0
1 EDB exploit
685
VMScore
CVE-2009-0330
Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Wss-pro Scms 1
1 EDB exploit
NA
CVE-2022-34127
The Managentities plugin prior to 4.0.2 for GLPI allows reading local files via directory traversal in the inc/cri.class.php file parameter.
Glpi-project Manageentities
685
VMScore
CVE-2010-4798
Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the uri parameter.
Orangehrm Orangehrm 2.6.0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »