Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-6592
Multiple PHP remote file inclusion vulnerabilities in Bloq 0.5.4 allow remote malicious users to execute arbitrary PHP code via a URL in the page[path] parameter to (1) index.php, (2) admin.php, (3) rss.php, (4) rdf.php, (5) rss2.php, or (6) files/mainfile.php.
Php Bloq 0.5.4
6 EDB exploits
5.1
CVSSv2
CVE-2006-0755
Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary commands via the baseDir parameter in (1) db_adodb.php, (2) db_connect.php, (3) session.php, (4) vw_usr_...
Dotproject Dotproject 2.0
Dotproject Dotproject 2.0.1
10 EDB exploits
5
CVSSv2
CVE-2013-7190
Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote malicious users to read arbitrary files via the (1) tmpid parameter to websitebuilder/showtemplateimage.php, (2) fname parameter to admin/downloadfile.php, or (3) id parameter to suppo...
Iscripts Autohoster 2.4
4 EDB exploits
7.5
CVSSv2
CVE-2005-0862
Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0.1 and previous versions allow remote malicious users to execute arbitrary PHP code via the phpbb_root_path parameter to (1) poc_loginform.php or (2) phpbb/poc.php, the poc_root_path parameter to (3) phpbb/poc.p...
Phpopenchat Phpopenchat 2.3.4
Phpopenchat Phpopenchat 3.0.1
3 EDB exploits
5
CVSSv2
CVE-2012-1790
Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote malicious users to read arbitrary files via a full pathname in the file parameter to index.php.
Webgrind Project Webgrind 1.0
1 EDB exploit
5
CVSSv2
CVE-2008-2350
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 up to and including 1.0.13 allows remote malicious users to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
Bcoos Bcoos 1.0.10
Bcoos Bcoos 1.0.12
Bcoos Bcoos 1.0.13
Bcoos Bcoos 1.0.11
Bcoos Bcoos 1.0.9
1 EDB exploit
7.5
CVSSv2
CVE-2007-1076
Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote malicious users to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.
Phptraffica Phptraffica 1.4.1
2 EDB exploits
5
CVSSv2
CVE-2006-0713
Directory traversal vulnerability in LinPHA 1.0 allows remote malicious users to include arbitrary files via .. (dot dot) sequences in the (1) lang parameter in docs/index.php and the language parameter in (2) install/install.php, (3) install/sec_stage_install.php, (4) install/th...
Linpha Linpha 0.9.4
Linpha Linpha 0.9.3
Linpha Linpha 0.9.2
Linpha Linpha 1.0
Linpha Linpha 0.9.1
Linpha Linpha 0.9.0
4 EDB exploits
4.3
CVSSv2
CVE-2008-2980
Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2.10 RC2 allow remote malicious users to inject arbitrary web script or HTML via the (1) error_meldung parameter to admin/features/register/register.php, the (2) feature_language[ueberschrift] parameter to admin...
Homeph Design Homeph Design 2.10
1 EDB exploit
6.8
CVSSv2
CVE-2008-2982
Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/templat...
Homeph Design Homeph Design 2.10
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »