Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-15779
A Path Traversal issue exists in the socket.io-file package up to and including 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path.
Socket.io-file Project Socket.io-file
NA
CVE-2023-0431
The File Away WordPress plugin up to and including 3.9.9.0.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
File Away Project File Away
356
VMScore
CVE-2016-0361
IBM General Parallel File System (GPFS) 3.5 prior to 3.5.0.29 efix 6 and 4.1.1 prior to 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstra...
Ibm General Parallel File System 3.5.0.9
Ibm General Parallel File System 3.5.0.7
Ibm General Parallel File System 4.1.0.1
Ibm General Parallel File System 3.5.0.16
Ibm General Parallel File System 3.5.0.11
Ibm General Parallel File System 3.5.0.3
Ibm General Parallel File System 3.5
755
VMScore
CVE-2008-7027
Libra File Manager 1.18 and previous versions allows remote malicious users to bypass authentication and gain privileges by setting the user and pass cookies to 1.
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.03
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.0
1 EDB exploit
645
VMScore
CVE-2008-4319
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and previous versions allows remote malicious users to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters i...
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.00
Libra File Manager Php Filemanager 1.03
1 EDB exploit
187
VMScore
CVE-2017-1654
IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378.
Ibm Spectrum Scale 5.0.0.0
Ibm Spectrum Scale
Ibm General Parallel File System 4.1.0.0
Ibm General Parallel File System 4.1.0.1
Ibm General Parallel File System 4.1.0.2
Ibm General Parallel File System 4.1.0.4
Ibm General Parallel File System 4.1.0.6
Ibm General Parallel File System 4.1.0.7
Ibm General Parallel File System 4.1.0.8
Ibm General Parallel File System 4.1.0.3
Ibm General Parallel File System 4.1.0.5
432
VMScore
CVE-2019-6447
The ES File Explorer File Manager application up to and including 4.1.9.7.4 for Android allows remote malicious users to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has be...
Estrongs Es File Explorer File Manager
16 Github repositories
605
VMScore
CVE-2022-25023
Audio File commit 004065d exists to contain a heap-buffer overflow in the function fouBytesToInt():AudioFile.h.
Audio File Project Audio File 1.1.0
445
VMScore
CVE-2020-23040
Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows malicious users to access sensitive data and files via 'null' path commands.
Sky File Project Sky File 2.1.0
187
VMScore
CVE-2020-23058
An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data.
File Explorer Project File Explorer 1.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »