Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local file inclusion vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2010-1537
Multiple directory traversal vulnerabilities in phpCDB 1.0 and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang_global parameter to (1) firstvisit.php, (2) newfolder.php, (3) showfolders.php, (4) newlang.ph...
Francois Bissonnette Phpcdb
1 EDB exploit
685
VMScore
CVE-2009-0330
Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Wss-pro Scms 1
1 EDB exploit
755
VMScore
CVE-2009-0422
Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and previous versions, when register_globals is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] paramet...
Tincan Phplist 2.7.2
Tincan Phplist 2.8.2
Tincan Phplist 2.10.6
Tincan Phplist 2.10.7
Tincan Phplist 2.6.0
Tincan Phplist 2.5.8
Tincan Phplist 2.5.0
Tincan Phplist 2.4.0
Tincan Phplist 2.2.1
Tincan Phplist 2.2.0
Tincan Phplist 1.9.1
Tincan Phplist 1.9.0
Tincan Phplist 2.8.12
Tincan Phplist 2.10.1
Tincan Phplist 2.8.7
Tincan Phplist 2.6.4
Tincan Phplist 2.5.7
Tincan Phplist 2.5.6
Tincan Phplist 2.3.4
Tincan Phplist 2.4.7
Tincan Phplist 2.1.4
Tincan Phplist 2.1.3
1 EDB exploit
668
VMScore
CVE-2015-7815
Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik prior to 2.15.0 allows remote malicious users to include and execute arbitrary local files via the viewDataTable parameter.
Matomo Matomo
685
VMScore
CVE-2010-4406
Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote malicious users to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter.
Brunetton Littlephpgallery 1.0.2
1 EDB exploit
685
VMScore
CVE-2008-6522
Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote malicious users to list arbitrary directories and read arbitrary files via a .. (dot dot) in the ...
Devraj Mukherjee Openterracotta 0.6.1
1 EDB exploit
435
VMScore
CVE-2012-6665
Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2012-1669. NOTE: the provenance of this information is unknown; the details are...
Phpmoneybooks Phpmoneybooks 1.0.4
1 EDB exploit
755
VMScore
CVE-2008-4522
Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.
Jesse-web Jmweb Mp3 Music Audio Search And Download Script
1 EDB exploit
755
VMScore
CVE-2008-4667
Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the rss parameter.
Arabcms Arabcms 2.0
1 EDB exploit
685
VMScore
CVE-2010-2850
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions prior to 10.07.12, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.
Nusoftware Nubuilder 09.09.23
Nusoftware Nubuilder 09.08.20
Nusoftware Nubuilder
Nusoftware Nubuilder 09.07.24
Nusoftware Nubuilder 09.06.26
Nusoftware Nubuilder 09.06.10
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »