Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
filedownload vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2015-1000002
Open Proxy in filedownload v1.4 wordpress plugin
Filedownload Project Filedownload 1.4
7.5
CVSSv2
CVE-2015-1000003
Blind SQL Injection in filedownload v1.4 wordpress plugin
Filedownload Project Filedownload 1.4
4.3
CVSSv2
CVE-2015-1000004
XSS in filedownload v1.4 wordpress plugin
Filedownload Project Filedownload 1.4
7.5
CVSSv2
CVE-2007-0659
download.php in the MuddyDogPaws FileDownload snippet prior to 2.5 for MODx allows remote malicious users to download arbitrary files, as demonstrated by downloading config.inc.php to obtain database credentials.
Modxcms Filedownload 2.0
Modxcms Filedownload 1.7
NA
CVE-2024-33118
LuckyFrameWeb v3.5.2 exists to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController.
5
CVSSv2
CVE-2015-9250
An issue exists in Skybox Platform prior to 7.5.201. Directory Traversal exists in /skyboxview/webskybox/attachmentdownload and /skyboxview/webskybox/filedownload via the tempFileName parameter.
Skyboxsecurity Skybox Platform
5
CVSSv2
CVE-2021-30048
Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (?????-plus) 3.5.1 allows malicious users to read arbitrary files via the filePath parameter.
Novel Boutique House-plus Project Novel Boutique House-plus 3.5.1
NA
CVE-2024-24024
An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload(). An attacker can pass in specially crafted filePath and fieName parameters to perform arbitrary File download.
Xxyopen Novel-plus
Xxyopen Novel-plus 4.3.0
4
CVSSv2
CVE-2021-32507
Absolute Path Traversal vulnerability in FileDownload in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
Qsan Storage Manager
4
CVSSv2
CVE-2011-5028
Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and previous versions, as used in Novell Sentinel prior to 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter...
Novell Sentinel Log Manager
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »