Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-5199
Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) prior to 2.4.2 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: s...
Wordpress File Upload Project Wordpress File Upload
6.5
CVSSv2
CVE-2019-16790
In Tiny File Manager prior to 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
Tiny File Manager Project Tiny File Manager
6.5
CVSSv2
CVE-2021-45010
A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager prior to 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution.
Tiny File Manager Project Tiny File Manager
6 Github repositories
4.3
CVSSv2
CVE-2012-6040
Cross-site scripting (XSS) vulnerability in users.php in File King Advanced File Management 1.4 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Convergine File King Advanced File Management 1.4
1 EDB exploit
7.5
CVSSv2
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
Jquery File Upload Project Jquery File Upload
3 EDB exploits
6 Github repositories
4.3
CVSSv2
CVE-2009-4647
Cross-site scripting (XSS) vulnerability in Accellion Secure File Transfer Appliance prior to 7_0_296 allows remote malicious users to inject arbitrary web script or HTML via the username parameter, which is not properly handled when the administrator views audit logs.
Accellion Secure File Transfer Appliance 7 0 135
Accellion Secure File Transfer Appliance 7 0 259
Accellion Secure File Transfer Appliance 7 0 178
Accellion Secure File Transfer Appliance 7 0 189
7.2
CVSSv2
CVE-2016-0263
IBM Spectrum Scale 4.1 prior to 4.1.1.5 and 4.2 prior to 4.2.0.2 and General Parallel File System 3.5 prior to 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command.
Ibm General Parallel File System Storage Server 3.5.0.29
Ibm General Parallel File System Storage Server 3.5.0.28
Ibm General Parallel File System Storage Server 3.5.0.21
Ibm General Parallel File System Storage Server 3.5.0.20
Ibm General Parallel File System Storage Server 3.5.0.12
Ibm General Parallel File System Storage Server 3.5.0.11
Ibm General Parallel File System Storage Server 3.5.0.4
Ibm General Parallel File System Storage Server 3.5.0.3
Ibm General Parallel File System Storage Server 3.5.0.23
Ibm General Parallel File System Storage Server 3.5.0.22
Ibm General Parallel File System Storage Server 3.5.0.15
Ibm General Parallel File System Storage Server 3.5.0.14
Ibm General Parallel File System Storage Server 3.5.0.13
Ibm General Parallel File System Storage Server 3.5.0.6
Ibm General Parallel File System Storage Server 3.5.0.5
Ibm General Parallel File System Storage Server 3.5.0.27
Ibm General Parallel File System Storage Server 3.5.0.26
Ibm General Parallel File System Storage Server 3.5.0.19
Ibm General Parallel File System Storage Server 3.5.0.18
Ibm General Parallel File System Storage Server 3.5.0.10
Ibm General Parallel File System Storage Server 3.5.0.9
Ibm General Parallel File System Storage Server 3.5.0.2
NA
CVE-2022-45476
Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload.
Tiny File Manager Project Tiny File Manager 2.4.8
7.5
CVSSv2
CVE-2018-18912
An issue exists in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote malicious users to execute arbitrary code.
Sharing-file Easy File Sharing Web Server 7.2
NA
CVE-2023-3784
A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched r...
Wifi File Explorer Project Wifi File Explorer 1.13.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »