Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6222
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
Joomlashowroom Pro Desk Support Center 1.0
Joomlashowroom Pro Desk Support Center 1.2
2 EDB exploits
NA
CVE-2008-6317
Directory traversal vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the conf[lang] parameter, a different issue than CVE-2008-6318. NOTE: this might be t...
Phpmygallery Phpmygallery 1.5
2 EDB exploits
NA
CVE-2007-5802
Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by ...
Firewolf Technologies Synergiser
2 EDB exploits
7.5
CVSSv3
CVE-2018-7422
A Local File Inclusion vulnerability in the Site Editor plugin up to and including 1.1.1 for WordPress allows remote malicious users to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path tra...
Siteeditor Site Editor
1 EDB exploit
4 Github repositories
NA
CVE-2008-6316
Directory traversal vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter, a different issue than CVE-2008-6316 and a different vector than CVE-...
Phpmygallery Phpmygallery 1.0
2 EDB exploits
9.8
CVSSv3
CVE-2019-9618
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.
Gracemedia Media Player Project Gracemedia Media Player 1.0
1 EDB exploit
NA
CVE-2008-5993
Directory traversal vulnerability in image.php in Barcode Generator 1D (barcodegen) 2.0.0 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the code parameter.
Barcodephp Barcodegen 1d 1.2.4
Barcodephp Barcodegen 1d
Barcodephp Barcodegen 1d 1.3.0
1 EDB exploit
NA
CVE-2010-4406
Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote malicious users to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter.
Brunetton Littlephpgallery 1.0.2
1 EDB exploit
NA
CVE-2014-8084
Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass prior to 3.4.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.
Osclass Osclass
NA
CVE-2006-7099
Directory traversal vulnerability in index.php in SolarPay allows remote malicious users to read certain files via a .. (dot dot) in the read parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Solarpay Solarpay .
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »