Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
405
VMScore
CVE-2013-5756
Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to cgi-bin/cgiServer.exx.
Yealink Sip-t38g -
1 EDB exploit
405
VMScore
CVE-2013-5757
Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
Yealink Sip-t38g -
1 EDB exploit
720
VMScore
CVE-2008-3770
Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) includes/events_application_top.php; (2) english/acco...
Openfreeway Freeway 1.4.1.171
8 EDB exploits
685
VMScore
CVE-2009-4543
PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote malicious users to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. ...
Cromosoft Facil Helpdesk 2.3
1 EDB exploit
435
VMScore
CVE-2009-4699
Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/auth.php and (2) file_uploader.php.
Skadate Skadate Online Dating Software 6.0
Skadate Skadate Online Dating Software 6.482
Skadate Skadate Online Dating Software
Skadate Skadate Online Dating Software 5.0
1 EDB exploit
505
VMScore
CVE-2009-4700
Directory traversal vulnerability in index.php in SkaDate Dating allows remote malicious users to read arbitrary files via a .. (dot dot) in the layout parameter.
Skadate Skadate Online Dating Software 5.0
Skadate Skadate Online Dating Software
Skadate Skadate Online Dating Software 6.482
Skadate Skadate Online Dating Software 6.0
1 EDB exploit
685
VMScore
CVE-2009-4739
PHP remote file inclusion vulnerability in index.php in SkaDate Dating allows remote malicious users to execute arbitrary PHP code via a URL in the language_id parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequenc...
Skadate Skadate Online Dating Software
1 EDB exploit
435
VMScore
CVE-2009-0594
Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Apmuthu Phpskelsite 1.4
1 EDB exploit
515
VMScore
CVE-2009-0595
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
685
VMScore
CVE-2009-0596
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »