Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6522
Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote malicious users to list arbitrary directories and read arbitrary files via a .. (dot dot) in the ...
Devraj Mukherjee Openterracotta 0.6.1
1 EDB exploit
NA
CVE-2010-1043
Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Jaxcms Jaxcms 1.0
1 EDB exploit
NA
CVE-2008-5993
Directory traversal vulnerability in image.php in Barcode Generator 1D (barcodegen) 2.0.0 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the code parameter.
Barcodephp Barcodegen 1d 1.3.0
Barcodephp Barcodegen 1d 1.2.4
Barcodephp Barcodegen 1d
1 EDB exploit
NA
CVE-2009-0422
Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and previous versions, when register_globals is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] paramet...
Tincan Phplist 2.4.0
Tincan Phplist 2.5.6
Tincan Phplist 2.10.6
Tincan Phplist 2.10.3
Tincan Phplist 1.6.1
Tincan Phplist 2.8.2
Tincan Phplist 1.9.0
Tincan Phplist 2.5.5
Tincan Phplist 1.6.0
Tincan Phplist 1.9.3
Tincan Phplist 1.6.3
Tincan Phplist 2.6.3
Tincan Phplist 2.1.0
Tincan Phplist 2.9.4
Tincan Phplist 2.3.1
Tincan Phplist 2.6.5
Tincan Phplist 2.9.3
Tincan Phplist 1.6.4
Tincan Phplist 2.6
Tincan Phplist 2.1.4
Tincan Phplist 2.5.7
Tincan Phplist 2.6.0
1 EDB exploit
NA
CVE-2008-2672
Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and previous versions, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) ewiki_id and (2) ewiki_action parameters to fragments...
Erfurtwiki Erfurtwiki
1 EDB exploit
NA
CVE-2008-6843
Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote malicious users to read arbitrary files via a .. (dot dot) in the sup3r parameter.
Netenberg Fantastico De Luxe
Cpanel Cpanel 11
Cpanel Cpanel 11.4.19
Cpanel Cpanel 11.8.6
Cpanel Cpanel 11.8.6 Stable
Cpanel Cpanel 11.16
Cpanel Cpanel 11.18
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.18.2
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.4
Cpanel Cpanel 11.19.3
Cpanel Cpanel 11.21
Cpanel Cpanel 11.22
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.22.3
Cpanel Cpanel 11.23.1
Cpanel Cpanel 11.23.1 Current
1 EDB exploit
NA
CVE-2010-4931
Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party
Php-fusion Php-fusion -
1 EDB exploit
NA
CVE-2010-1999
Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to...
Openmairie Opencatalogue 1.024
1 EDB exploit
NA
CVE-2010-1936
Directory traversal vulnerability in scr/soustab.php in openMairie openComInterne 1.01, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to...
Openmairie Opencominterne 1.01
1 EDB exploit
NA
CVE-2014-8084
Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass prior to 3.4.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.
Osclass Osclass
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »