Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6407
Directory traversal vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the framefile parameter.
Brian Wilson Ol\\'bookmarks 0.7.5
1 EDB exploit
9.8
CVSSv3
CVE-2015-8352
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
Zen-cart Zen Cart 1.5.4
1 EDB exploit
NA
CVE-2006-5125
Directory traversal vulnerability in window.php, possibly used by home.php, in Joshua Muheim phpMyWebmin 1.0 allows remote malicious users to obtain sensitive information via a directory name in the target parameter, which triggers a directory listing through the opendir function...
Joshua Muheim Phpmywebmin 1.0
2 EDB exploits
6.5
CVSSv3
CVE-2019-14312
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote malicious user to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
Aptana Jaxer 1.0.3.4547
1 EDB exploit
NA
CVE-2009-0291
Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter.
Openx Openx 2.6.3
2 EDB exploits
NA
CVE-2008-6408
PHP remote file inclusion vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote malicious users to execute arbitrary PHP code via a URL in the framefile parameter.
Brian Wilson Ol\\'bookmarks 0.7.5
1 EDB exploit
NA
CVE-2006-5124
Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php.
Joshua Muheim Phpmywebmin 1.0
2 EDB exploits
NA
CVE-2008-2977
Multiple PHP remote file inclusion vulnerabilities in Ourvideo CMS 9.5 allow remote malicious users to execute arbitrary PHP code via a URL in the include_connection parameter to (1) edit_top_feature.php and (2) edit_topics_feature.php in phpi/.
Ourvideo Cms Ourvideo Cms 9.5
1 EDB exploit
NA
CVE-2008-2979
Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameters.
Ourvideo Cms Ourvideo Cms 9.5
1 EDB exploit
NA
CVE-2006-4055
Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contenti...
Tsep Tsep
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »