Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4319
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and previous versions allows remote malicious users to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters i...
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.00
Libra File Manager Php Filemanager 1.03
1 EDB exploit
NA
CVE-2008-0357
Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the language parameter.
Galaxyscripts Mini File Host
2 EDB exploits
NA
CVE-2007-4327
Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote malicious users to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php.
Mapos Scripts File Uploader 1.1
2 EDB exploits
NA
CVE-2007-4921
PHP remote file inclusion vulnerability in _includes/settings.inc.php in Ajax File Browser 3 Beta allows remote malicious users to execute arbitrary PHP code via a URL in the approot parameter.
Ajax File Browser 3 Beta
1 EDB exploit
NA
CVE-2009-2263
Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by ...
Awesomephp Mega File Manager 1.0
1 EDB exploit
NA
CVE-2009-0966
PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote malicious users to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequenc...
Yabsoft Mega File Hosting Script 1.2
1 EDB exploit
NA
CVE-2006-5764
PHP remote file inclusion vulnerability in contact.php in Free File Hosting 1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the provenance of this information is unknown; the details are obtained...
Free Php Scripts Free File Hosting
1 EDB exploit
NA
CVE-2008-5762
Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing the password via a direct request for slog_users.txt.
Mariovaldez Simple Text-file Login Script 1.0.6
1 EDB exploit
NA
CVE-2008-5763
PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTeFiLo) 1.0.6 allows remote malicious users to execute arbitrary PHP code via a URL in the slogin_path parameter.
Mariovaldez Simple Text-file Login Script 1.0.6
1 EDB exploit
NA
CVE-2006-5763
Multiple PHP remote file inclusion vulnerabilities in Free File Hosting 1.1, and possibly earlier, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter to (1) login.php, (2) register.php, or (3) send....
Free Php Scripts Free Image Hosting 2.0
Free Php Scripts Free File Hosting
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »