Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-34127
The Managentities plugin prior to 4.0.2 for GLPI allows reading local files via directory traversal in the inc/cri.class.php file parameter.
Glpi-project Manageentities
NA
CVE-2008-4667
Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the rss parameter.
Arabcms Arabcms 2.0
1 EDB exploit
NA
CVE-2014-8084
Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass prior to 3.4.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.
Osclass Osclass
NA
CVE-2008-6843
Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote malicious users to read arbitrary files via a .. (dot dot) in the sup3r parameter.
Netenberg Fantastico De Luxe
Cpanel Cpanel 11
Cpanel Cpanel 11.4.19
Cpanel Cpanel 11.8.6
Cpanel Cpanel 11.8.6 Stable
Cpanel Cpanel 11.16
Cpanel Cpanel 11.18
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.18.2
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.4
Cpanel Cpanel 11.19.3
Cpanel Cpanel 11.21
Cpanel Cpanel 11.22
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.22.3
Cpanel Cpanel 11.23.1
Cpanel Cpanel 11.23.1 Current
1 EDB exploit
NA
CVE-2010-1043
Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Jaxcms Jaxcms 1.0
1 EDB exploit
NA
CVE-2010-2850
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions prior to 10.07.12, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.
Nusoftware Nubuilder
Nusoftware Nubuilder 09.06.26
Nusoftware Nubuilder 09.07.24
Nusoftware Nubuilder 09.08.20
Nusoftware Nubuilder 09.09.23
Nusoftware Nubuilder 09.06.10
1 EDB exploit
NA
CVE-2008-5819
Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third...
Edreamers Ednews 2.0
1 EDB exploit
NA
CVE-2008-5948
Directory traversal vulnerability in index.php in BNCwi 1.04 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter.
Bncwi Bncwi 1.03
Bncwi Bncwi
1 EDB exploit
NA
CVE-2010-4406
Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote malicious users to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter.
Brunetton Littlephpgallery 1.0.2
1 EDB exploit
NA
CVE-2010-0958
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some o...
Thomas Perez Tribisur 2.0
Thomas Perez Tribisur
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »