Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
645
VMScore
CVE-2008-4319
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and previous versions allows remote malicious users to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters i...
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.00
Libra File Manager Php Filemanager 1.03
1 EDB exploit
755
VMScore
CVE-2006-5426
PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote malicious users to execute arbitrary PHP code via a URL in the LIBDIR parameter.
Local Calendar System Local Calendar System 1.1
1 EDB exploit
440
VMScore
CVE-2008-0357
Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the language parameter.
Galaxyscripts Mini File Host
2 EDB exploits
755
VMScore
CVE-2009-2263
Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by ...
Awesomephp Mega File Manager 1.0
1 EDB exploit
755
VMScore
CVE-2009-0966
PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote malicious users to execute arbitrary PHP code via a URL in the url parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequenc...
Yabsoft Mega File Hosting Script 1.2
1 EDB exploit
NA
CVE-2023-5099
The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.7 via the 'src' attribute of the 'csvsearch' shortcode. This allows authenticated attackers, with contributor-level permissions a...
Jonashjalmarsson Html Filter And Csv-file Search
668
VMScore
CVE-2007-0860
Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) TEMPLATE_DIR parameter to (a) showinvoices.php, (b) showmonth.php, (c) showevents.php, (d) retrieveinvoice.php, (e) modi...
Laboratory For Optical And Computational Instrumentation Local Calendar System 1.1
685
VMScore
CVE-2012-1671
Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Nicolas Tormo Phppaleo
1 EDB exploit
405
VMScore
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to downloadgz-ajaxprocessor.jsp.
Wso2 Carbon 4.4.5
1 EDB exploit
435
VMScore
CVE-2012-1669
Directory traversal vulnerability in index.php in phpMoneyBooks prior to 1.0.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
Phpmoneybooks Phpmoneybooks
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »