Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
filedownload vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2015-1000002
Open Proxy in filedownload v1.4 wordpress plugin
Filedownload Project Filedownload 1.4
7.5
CVSSv2
CVE-2015-1000003
Blind SQL Injection in filedownload v1.4 wordpress plugin
Filedownload Project Filedownload 1.4
4.3
CVSSv2
CVE-2015-1000004
XSS in filedownload v1.4 wordpress plugin
Filedownload Project Filedownload 1.4
7.5
CVSSv2
CVE-2007-0659
download.php in the MuddyDogPaws FileDownload snippet prior to 2.5 for MODx allows remote malicious users to download arbitrary files, as demonstrated by downloading config.inc.php to obtain database credentials.
Modxcms Filedownload 2.0
Modxcms Filedownload 1.7
NA
CVE-2024-33118
LuckyFrameWeb v3.5.2 exists to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController.
NA
CVE-2024-35081
LuckyFrameWeb v3.5.2 exists to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method.
5
CVSSv2
CVE-2015-9250
An issue exists in Skybox Platform prior to 7.5.201. Directory Traversal exists in /skyboxview/webskybox/attachmentdownload and /skyboxview/webskybox/filedownload via the tempFileName parameter.
Skyboxsecurity Skybox Platform
5
CVSSv2
CVE-2021-30048
Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (?????-plus) 3.5.1 allows malicious users to read arbitrary files via the filePath parameter.
Novel Boutique House-plus Project Novel Boutique House-plus 3.5.1
NA
CVE-2024-24024
An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload(). An attacker can pass in specially crafted filePath and fieName parameters to perform arbitrary File download.
Xxyopen Novel-plus
Xxyopen Novel-plus 4.3.0
4
CVSSv2
CVE-2011-5028
Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and previous versions, as used in Novell Sentinel prior to 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter...
Novell Sentinel Log Manager
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »