Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-20618
ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.
Ok-file-formats Project Ok-file-formats
5.3
CVSSv3
CVE-2019-5447
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows malicious users to list files in arbitrary folders.
Http-file-server Project Http-file-server
8.8
CVSSv3
CVE-2019-16790
In Tiny File Manager prior to 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
Tiny File Manager Project Tiny File Manager
9.8
CVSSv3
CVE-2017-8297
A path traversal vulnerability exists in simple-file-manager prior to 2017-04-26, affecting index.php (the sole "Simple PHP File Manager" component).
Simple-file-manager Project Simple-file-manager
6.1
CVSSv3
CVE-2018-3726
crud-file-server node module prior to 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
Crud-file-server Project Crud-file-server
7.5
CVSSv3
CVE-2018-3733
crud-file-server node module prior to 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.
Crud-file-server Project Crud-file-server
7.8
CVSSv3
CVE-2020-36246
Amaze File Manager prior to 3.5.1 allows malicious users to obtain root privileges via shell metacharacters in a symbolic link.
Amaze File Manager Project Amaze File Manager
5.5
CVSSv3
CVE-2022-48554
File prior to 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
File Project File 5.41
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2022-45475
Tiny File Manager version 2.4.8 allows an unauthenticated remote malicious user to access the application's internal files. This is possible because the application is vulnerable to broken access control.
Tiny File Manager Project Tiny File Manager 2.4.8
9.8
CVSSv3
CVE-2022-45476
Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload.
Tiny File Manager Project Tiny File Manager 2.4.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »