Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0293
Directory traversal vulnerability in ShopCartCGI 2.3 allows remote malicious users to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi.
Shopcartcgi Shopcartcgi 2.3
2 EDB exploits
NA
CVE-2007-1149
Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI.
Lovecms Lovecms 1.4
2 EDB exploits
7.5
CVSSv3
CVE-2018-12054
Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal.
Schools Alert Management Script Project Schools Alert Management Script -
1 EDB exploit
8.8
CVSSv3
CVE-2017-14704
Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct ...
Claydip Airbnb Clone 1.0
1 EDB exploit
NA
CVE-2003-1051
Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Ibm Db2 9.0
3 EDB exploits
NA
CVE-2011-1425
xslt.c in XML Security Library (aka xmlsec) prior to 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote malicious users to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signa...
Aleksey Xml Security Library
Aleksey Xml Security Library 1.2.7
Aleksey Xml Security Library 1.2.6
Aleksey Xml Security Library 1.1.2
Aleksey Xml Security Library 1.1.1
Aleksey Xml Security Library 1.0.0
Aleksey Xml Security Library 0.1.1
Aleksey Xml Security Library 0.0.9
Aleksey Xml Security Library 0.0.8
Aleksey Xml Security Library 0.0.2
Aleksey Xml Security Library 0.0.1
Aleksey Xml Security Library 1.2.13
Aleksey Xml Security Library 1.2.11
Aleksey Xml Security Library 1.2.10
Aleksey Xml Security Library 1.2.3
Aleksey Xml Security Library 1.2.2
Aleksey Xml Security Library 1.0.3
Aleksey Xml Security Library 1.0.2
Aleksey Xml Security Library 0.0.13
Aleksey Xml Security Library 0.0.12
Aleksey Xml Security Library 0.0.5
Aleksey Xml Security Library 0.0.4
1 EDB exploit
NA
CVE-2008-6943
Unrestricted file upload vulnerability in ScriptsFeed Recipes Listing Portal allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a recipe photo, then accessing it via a direct request to the file in pictures/.
Scriptsfeed Recipes Listing Portal
3 EDB exploits
NA
CVE-2008-6944
Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in cars_images/.
Scriptsfeed Auto Classifieds -
3 EDB exploits
NA
CVE-2008-6942
Unrestricted file upload vulnerability in ScriptsFeed Realtor Classifieds System (aka Real Estate Classifieds) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to...
Scriptsfeed Realtor Classifieds System -
3 EDB exploits
NA
CVE-2012-1153
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the ...
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain 0.1.0
Apprain Apprain
Apprain Apprain 0.1.4
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »