Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-2226
Invision Power Board prior to 3.3.1 fails to sanitize user-supplied input which could allow remote malicious users to obtain sensitive information or execute arbitrary code by uploading a malicious file.
Invisioncommunity Invision Power Board
1 EDB exploit
4
CVSSv2
CVE-2019-13237
In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an malicious user to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/hist...
Alkacon Opencms Apollo Template 10.5.4
Alkacon Opencms Apollo Template 10.5.5
1 EDB exploit
6.8
CVSSv2
CVE-2008-1751
Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote malicious users to read arbitrary local files via a .. (dot dot) in the (1) language and (2) lang parameters.
Ksemail Ksemail
1 EDB exploit
5
CVSSv2
CVE-2010-0799
Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter.
Perlunity Phpunity.newsmanager
1 EDB exploit
6.8
CVSSv2
CVE-2008-6018
Directory traversal vulnerability in index.php in MyPHPSite, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the mod parameter.
Myphpsite Myphpsite Nil
1 EDB exploit
6.8
CVSSv2
CVE-2012-5386
Directory traversal vulnerability in index.php in phpPaleo 4.8b180 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the phppaleo4_lang cookie, a different vulnerability than CVE-2012-1671. NOTE: the provenance of this information is...
Nicolas Tormo Phppaleo 4.8b180
1 EDB exploit
5
CVSSv2
CVE-2012-1790
Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote malicious users to read arbitrary files via a full pathname in the file parameter to index.php.
Webgrind Project Webgrind 1.0
1 EDB exploit
5
CVSSv2
CVE-2008-2350
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 up to and including 1.0.13 allows remote malicious users to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
Bcoos Bcoos 1.0.12
Bcoos Bcoos 1.0.13
Bcoos Bcoos 1.0.9
Bcoos Bcoos 1.0.10
Bcoos Bcoos 1.0.11
1 EDB exploit
6.8
CVSSv2
CVE-2010-1920
Directory traversal vulnerability in scr/soustab.php in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to C...
Openmairie Openannuaire 2.00
1 EDB exploit
6.8
CVSSv2
CVE-2010-1921
Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the path_om parameter to (1) annuaire.class.php, (2) droit.class.php, (3) collectivite.cla...
Openmairie Openannuaire 2.00
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29758
CVE-2023-42931
unauthorized
CVE-2024-1540
unprivileged
CVE-2023-24955
CVE-2024-20259
logic flaw
CVE-2024-20333
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »