file inclusion vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv2

PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote attackers to execute arbitrary PHP code via a URL in the approot parameter....

Ajax File Browser 3 Beta1 EDB exploit available

6.8

CVSSv2

Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php....

Mapos Scripts File Uploader 1.12 EDB exploits available

7.5

CVSSv2

PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTeFiLo) 1.0.6 allows remote attackers to execute arbitrary PHP code via a URL in the slogin_path parameter....

Mariovaldez Simple Text-file Login Script 1.0.61 EDB exploit available1 Github repository available

7.5

CVSSv2

Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by...

Awesomephp Mega File Manager 1.01 EDB exploit available

7.5

CVSSv2

PHP remote file inclusion vulnerability in contact.php in Free File Hosting 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from...

Free Php Scripts Free File Hosting1 EDB exploit available

7.5

CVSSv2

PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences....

Yabsoft Mega File Hosting Script 1.21 EDB exploit available

7.5

CVSSv2

** DISPUTED ** PHP remote file inclusion vulnerability in index.php in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the externalConfig parameter. NOTE: CVE and other third...

Kai Blankenhorn Bitfolge Simple And Nice Index File

5.1

CVSSv2

PHP remote file inclusion vulnerability in forgot_pass.php in Free File Hosting 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: this issue was later reported for the "File Upload System" which is a...

Free Php Scripts Free Image Hosting 2.0 Free Php Scripts Free File Hosting1 EDB exploit available

5.1

CVSSv2

Multiple PHP remote file inclusion vulnerabilities in Free File Hosting 1.1, and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter to (1) login.php, (2) register.php, or (3) send.php. ...

Free Php Scripts Free Image Hosting 2.0 Free Php Scripts Free File Hosting2 EDB exploits available

7.5

CVSSv2

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file....

Debian Debian Linux 8.0 Debian Debian Linux 7.0 Fedoraproject Fedora 26 Fedoraproject Fedora 25 Tug Tex Live -

Get Started

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook