Total
7178 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1564 | 1 File-transfer | 1 File Transfer | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the filename. | |||||
| CVE-2008-2350 | 1 Bcoos | 1 Bcoos | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter. | |||||
| CVE-2007-5620 | 1 Zehnet | 1 Zz Flashchat | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin/inc/help.php in ZZ:FlashChat 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter. | |||||
| CVE-2008-4759 | 1 Buzzscripts | 1 Buzzywall | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 allows remote attackers to read arbitrary local files via a .. (dot dot) in the id parameter. | |||||
| CVE-2007-4982 | 1 Mw6 Technologies | 1 Qrcode Activex | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2978 | 1 Ourvideocms | 1 Ourvideo Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter. | |||||
| CVE-2008-0790 | 1 Intermate | 1 Winipds | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2008-0905 | 1 Meo | 1 Globsy | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2007-4420 | 1 Edraw | 1 Office Viewer Component | 2025-04-09 | 9.3 HIGH | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in officeviewer.ocx 5.1.199.1 in EDraw Office Viewer Component 5.1 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the HttpDownloadFile method, a different vulnerability than CVE-2007-3168 and CVE-2007-3169. | |||||
| CVE-2008-3036 | 1 Cms Little | 1 Cms Little | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter. | |||||
| CVE-2008-3600 | 1 Menalto | 1 Gallery | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in contrib/phpBB2/modules.php in Gallery 1.5.7 and 1.6-alpha3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter within a modload action. | |||||
| CVE-2008-1798 | 1 Dragoon | 1 Dragoon | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in forum/kietu/libs/calendrier.php in Dragoon 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cal[lng] parameter. | |||||
| CVE-2007-4663 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. | |||||
| CVE-2008-5861 | 1 Freelyrics | 1 Freelyrics | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read arbitrary files via directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3693 | 2 Hp, Persits | 2 Loadrunner, Xupload | 2025-04-09 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method. | |||||
| CVE-2009-0392 | 1 Motorola | 1 Cpei300 | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2010-0013 | 6 Adium, Fedoraproject, Opensuse and 3 more | 7 Adium, Fedora, Opensuse and 4 more | 2025-04-09 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon. | |||||
| CVE-2009-1486 | 1 Ninjadesigns | 1 Flatchat | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in pmscript.php in Flatchat 3.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the with parameter. | |||||
| CVE-2008-2045 | 1 Sugarcrm | 1 Sugarcrm | 2025-04-09 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory. | |||||
| CVE-2008-5856 | 1 Class | 1 Class | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter. | |||||