Total
7177 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6735 | 1 Thaiquickcart | 1 Thaiquickcart | 2025-04-09 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the sLanguage cookie. | |||||
| CVE-2008-2017 | 1 Chilkat Software | 1 Chicomas | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/. | |||||
| CVE-2008-6786 | 1 Codewiz | 1 Geekigeeki | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote attackers to read arbitrary files via directory traversal sequences in a pagename argument in the (1) handle_edit and (2) handle_raw functions. | |||||
| CVE-2009-1406 | 1 Sweetphp | 1 Totalcalendar | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in cms_detect.php in TotalCalendar 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the include parameter. | |||||
| CVE-2009-4056 | 1 Betsy | 1 Betsy Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the popup parameter. | |||||
| CVE-2008-3385 | 1 Linuxwebshop | 1 Php Help Agent | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
| CVE-2008-6265 | 1 Cyberfolio | 1 Cyberfolio | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in portfolio/css.php in Cyberfolio 7.12.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter. | |||||
| CVE-2008-4913 | 1 Lokicms | 1 Lokicms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. (dot dot) in the delete parameter. | |||||
| CVE-2008-2985 | 1 Cmreams | 1 Cmreams Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page_language parameter. | |||||
| CVE-2008-6290 | 1 Niclor | 1 Include Sito | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in includefile.php in nicLOR Sito, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the page_file parameter. | |||||
| CVE-2008-6172 | 2 Joomla, Weberr | 2 Joomla, Rwcards | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter. | |||||
| CVE-2008-5748 | 1 Bloofox | 1 Bloofoxcms | 2025-04-09 | 4.3 MEDIUM | 8.1 HIGH |
| Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters. | |||||
| CVE-2008-1537 | 1 Powerscripts | 1 Powerbook | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in pb_inc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
| CVE-2008-5275 | 1 Net2ftp | 1 Net2ftp | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive. NOTE: this can be leveraged for code execution by creating a .php file. | |||||
| CVE-2008-1696 | 1 Dazphp | 1 Dazphpnews | 2025-04-09 | 3.7 LOW | N/A |
| Directory traversal vulnerability in makepost.php in DaZPHPNews 0.1-1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the prefixdir parameter. | |||||
| CVE-2008-3486 | 1 Coppermine-gallery | 1 Coppermine Photo Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the user_get_profile function in include/functions.inc.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier, when the charset is utf-8, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang part of serialized data in an _data cookie. | |||||
| CVE-2008-4781 | 1 Easy-script | 1 Myktools | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langage parameter. | |||||
| CVE-2009-2081 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in help.php in phpWebThings 1.5.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter. | |||||
| CVE-2009-4383 | 1 Rocomotion | 1 P Forum | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | |||||
| CVE-2008-5991 | 2 Mailscanner, Mailwatch | 2 Mailscanner, Mailwatch | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in docs.php in MailWatch for MailScanner 1.0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the doc parameter. | |||||