Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2018-15657
An SSRF issue exists in 42Gears SureMDM prior to 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.
42gears Suremdm
1 EDB exploit
9.8
CVSSv3
CVE-2012-2226
Invision Power Board prior to 3.3.1 fails to sanitize user-supplied input which could allow remote malicious users to obtain sensitive information or execute arbitrary code by uploading a malicious file.
Invisioncommunity Invision Power Board
1 EDB exploit
NA
CVE-2008-1751
Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote malicious users to read arbitrary local files via a .. (dot dot) in the (1) language and (2) lang parameters.
Ksemail Ksemail
1 EDB exploit
NA
CVE-2008-6018
Directory traversal vulnerability in index.php in MyPHPSite, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the mod parameter.
Myphpsite Myphpsite Nil
1 EDB exploit
NA
CVE-2010-0799
Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter.
Perlunity Phpunity.newsmanager
1 EDB exploit
NA
CVE-2012-5386
Directory traversal vulnerability in index.php in phpPaleo 4.8b180 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the phppaleo4_lang cookie, a different vulnerability than CVE-2012-1671. NOTE: the provenance of this information is...
Nicolas Tormo Phppaleo 4.8b180
1 EDB exploit
NA
CVE-2012-1790
Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote malicious users to read arbitrary files via a full pathname in the file parameter to index.php.
Webgrind Project Webgrind 1.0
1 EDB exploit
NA
CVE-2008-2350
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 up to and including 1.0.13 allows remote malicious users to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
Bcoos Bcoos 1.0.12
Bcoos Bcoos 1.0.13
Bcoos Bcoos 1.0.9
Bcoos Bcoos 1.0.10
Bcoos Bcoos 1.0.11
1 EDB exploit
NA
CVE-2010-1920
Directory traversal vulnerability in scr/soustab.php in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to C...
Openmairie Openannuaire 2.00
1 EDB exploit
NA
CVE-2010-1921
Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the path_om parameter to (1) annuaire.class.php, (2) droit.class.php, (3) collectivite.cla...
Openmairie Openannuaire 2.00
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »