Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file project vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-19041
The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
5.3
CVSSv3
CVE-2018-19042
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
5.3
CVSSv3
CVE-2018-19043
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI.
Media File Manager Project Media File Manager 1.4.2
1 EDB exploit
7.5
CVSSv3
CVE-2020-22550
Veno File Manager 3.5.6 is affected by a directory traversal vulnerability. Using the traversal allows an malicious user to download sensitive files from the server.
Veno File Manager Project Veno File Manager 3.5.6
8.8
CVSSv3
CVE-2020-7998
An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service.
Super File Explorer Project Super File Explorer 1.0.1
1 Github repository
7.5
CVSSv3
CVE-2020-12128
DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal related to the ./etc/ path.
File Transfer Ifamily Project File Transfer Ifamily 2.1
8.1
CVSSv3
CVE-2021-40668
The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write.
Http File Server Project Http File Server 1.4.1
6.1
CVSSv3
CVE-2023-27245
A cross-site scripting (XSS) vulnerability in File Management Project 1.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module.
File Management System Project File Management System 1.0.0
5.4
CVSSv3
CVE-2023-3784
A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched r...
Wifi File Explorer Project Wifi File Explorer 1.13.3
7.7
CVSSv3
CVE-2020-12102
In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the filesystem (outside of the application scope).
Tiny File Manager Project Tiny File Manager 2.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »