Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
directory pro vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2008-4602
Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter.
Qualityunit Post Affiliate Pro 2.0
1 EDB exploit
828
VMScore
CVE-2017-2214
Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an malicious user to execute arbitrary code via a specially crafted executable file in an unspecified directory.
Jiransoft Appcheck
Jiransoft Appcheck Pro
668
VMScore
CVE-2012-5185
Directory traversal vulnerability in the Olive Toast Documents Pro File Viewer (formerly Files HD) app prior to 1.11.1 for iOS allows remote malicious users to read or delete files by leveraging guest access.
Olivetoast Documents Pro File Viewer
755
VMScore
CVE-2006-6694
Directory traversal vulnerability in include/config.php in E-Uploader Pro 1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a .. (dot dot) in the language parameter, as demonstrated by uploading a .JPG file containing PHP code, then accessi...
Scriptsfrenzy.com E-uploader Pro 1.0
1 EDB exploit
515
VMScore
CVE-2006-4721
Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote malicious users to read and execute arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the language Cookie parameter, as demonstrated by executing PHP ...
Ccleague Pro Sports Cms 1.0.1 Rc1
1 EDB exploit
605
VMScore
CVE-2021-26293
An issue exists in AfterLogic Aurora up to and including 8.5.3 and WebMail Pro up to and including 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an executable file under the web root). This is related to DAVServer.php in 8.x and DAV/Serve...
Afterlogic Aurora
Afterlogic Webmail Pro
1 Github repository
446
VMScore
CVE-2021-26294
An issue exists in AfterLogic Aurora up to and including 7.7.9 and WebMail Pro up to and including 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/...
Afterlogic Aurora
Afterlogic Webmail Pro
2 Github repositories
NA
CVE-2023-26918
Diasoft File Replication Pro 7.5.0 allows malicious users to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.
Filereplicationpro File Replication Pro 7.5.0
409
VMScore
CVE-2014-8397
Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is located in the same folder as the file being processed.
Corel Fastflick
Corel Videostudio Pro X7
465
VMScore
CVE-2008-6502
Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remote authenticated users to select an arbitrary local PHP script as an avatar via a .. (dot dot) in the avatar parameter, and cause other users to execute this script by using sendData.php to send a message to (1)...
Prochatrooms Pro Chat Rooms 3.0.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »