Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-4656
PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actua...
Web-provence Sl Site
2 EDB exploits
9
CVSSv2
CVE-2015-8358
Directory traversal vulnerability in the bitrix.mpbuilder module prior to 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php...
Bitrix Mpbuilder
1 EDB exploit
7.5
CVSSv2
CVE-2005-0859
PHP remote file inclusion vulnerability in CzarNews 1.13b allows remote malicious users to execute arbitrary PHP code via the tpath parameter to (1) headlines.php or (2) news.php. NOTE: some sources have reported the "dir" parameter as being affected; however, this is l...
Czaries Network Czarnews 1.13b
2 EDB exploits
6.8
CVSSv2
CVE-2008-2981
PHP remote file inclusion vulnerability in admin/templates/template_thumbnail.php in HomePH Design 2.10 RC2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the thumb_template parameter.
Homeph Design Homeph Design 2.10
1 EDB exploit
6.8
CVSSv2
CVE-2008-2982
Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/templat...
Homeph Design Homeph Design 2.10
1 EDB exploit
6.8
CVSSv2
CVE-2011-4614
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x prior to 4.5.9, 4.6.x prior to 4.6.2, and development versions of 4.7 allows remote malicious users to execute arbitrary PHP code via a URL in th...
Typo3 Typo3 4.5.2
Typo3 Typo3 4.5.3
Typo3 Typo3 4.5.4
Typo3 Typo3 4.5.5
Typo3 Typo3 4.5.1
Typo3 Typo3 4.5.6
Typo3 Typo3 4.5.8
Typo3 Typo3 4.5
Typo3 Typo3 4.5.7
Typo3 Typo3 4.6
Typo3 Typo3 4.6.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-4551
PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote malicious users to execute arbitrary PHP code via a URL in the loadpage parameter.
Agares Media Arcadem 2.0.1
2 EDB exploits
6.8
CVSSv2
CVE-2010-4330
Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic prior to 1.2.9 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter to index.php.
Pulsecms Pulse Cms
Pulsecms Pulse Cms 1.2.7
Pulsecms Pulse Cms 1.2
Pulsecms Pulse Cms 1.18
Pulsecms Pulse Cms 1.17
Pulsecms Pulse Cms 1.2.4
Pulsecms Pulse Cms 1.2.3
Pulsecms Pulse Cms 1.1
Pulsecms Pulse Cms 1.01
Pulsecms Pulse Cms 1.2.2
Pulsecms Pulse Cms 1.2.1
Pulsecms Pulse Cms 1.0
Pulsecms Pulse Cms 1.2.6
Pulsecms Pulse Cms 1.2.5
Pulsecms Pulse Cms 1.16
Pulsecms Pulse Cms 1.15
1 EDB exploit
7.5
CVSSv2
CVE-2009-4541
Multiple PHP remote file inclusion vulnerabilities in IsolSoft Support Center 2.5 allow remote malicious users to execute arbitrary PHP code via a URL in the lang parameter to (1) newticket.php or (2) rempass.php, or a URL in the lang parameter in an adduser action to (3) index.p...
Isolsoft Support Center 2.5
1 EDB exploit
4.3
CVSSv2
CVE-2009-4542
Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Isolsoft Support Center 2.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »