Total
7183 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6012 | 1 Hardkap | 1 Pritlog | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Pritlog 0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a viewEntry action. | |||||
| CVE-2008-3926 | 1 Hans Oesterholt | 1 Cmme | 2025-04-09 | 5.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the env parameter in a weblog action to index.php, or (2) create arbitrary directories via a .. (dot dot) in the env parameter in a login action to admin.php. | |||||
| CVE-2008-3293 | 1 Ezwebalbum | 1 Ezwebalbum | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter. | |||||
| CVE-2008-7054 | 1 Visualshapers | 1 Ezcontents | 2025-04-09 | 5.1 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in ezContents 2.0.3 allow remote attackers to include and execute arbitrary local files via the (1) gsLanguage and (2) language_home parameters to modules/diary/showdiary.php; (3) admin_home, (4) gsLanguage, and (5) language_home parameters to modules/diary/showdiarydetail.php; (6) gsLanguage and (7) language_home parameters to modules/diary/submit_diary.php; (8) admin_home parameter to modules/news/news_summary.php; (9) nLink, (10) gsLanguage, and (11) language_home parameters to modules/news/inlinenews.php; and possibly other unspecified vectors in (12) diary/showeventlist.php, (13) gallery/showgallery.php, (14) reviews/showreviews.php, (15) gallery/showgallerydetails.php, (16) reviews/showreviewsdetails.php, (17) news/shownewsdetails.php, (18) gallery/submit_gallery.php, (19) guestbook/submit_guestbook.php, (20) reviews/submit_reviews.php, (21) news/submit_news.php, (22) diary/inlineeventlist.php, and (23) news/archivednews_summary.php in modules/, related to the lack of directory traversal protection in modules/moduleSec.php. | |||||
| CVE-2008-1231 | 1 Jspwiki | 1 Jspwiki | 2025-04-09 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter. | |||||
| CVE-2009-1737 | 1 Diqiye | 1 Mypic | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in bom.php in MyPic 2.1 allows remote attackers to list files in arbitrary directories via a .. (dot dot) in the dir parameter. | |||||
| CVE-2008-4740 | 1 Tinycms | 1 Tinycms | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[template] parameter. | |||||
| CVE-2008-2887 | 1 Chaozzatwork | 1 Fubarforum | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2007-5815 | 1 Sonicwall | 2 Ssl Vpn2000\/4000, Ssl Vpn 200 | 2025-04-09 | 10.0 HIGH | N/A |
| Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 before 2.1, and SSL-VPN 2000/4000 before 2.5, allows remote attackers to delete arbitrary files via a full pathname in the argument to the FileDelete method. | |||||
| CVE-2008-6167 | 1 Miniportail | 1 Miniportail | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lng parameter. | |||||
| CVE-2008-6843 | 2 Cpanel, Netenberg | 2 Cpanel, Fantastico De Luxe | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter. | |||||
| CVE-2007-4908 | 1 Auracms | 1 Auracms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in AuraCMS 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pilih parameter. | |||||
| CVE-2008-7093 | 1 Unica | 1 Affinium Campaign | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to Campaign/CampaignListener. | |||||
| CVE-2009-2132 | 1 4homepages | 1 4images | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in global.php in 4images before 1.7.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter. | |||||
| CVE-2008-0459 | 1 Liquidsilvercms | 1 Liquidsilvercms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the update parameter. | |||||
| CVE-2009-2552 | 1 Supersimple | 1 Super Simple Blog Script | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter. | |||||
| CVE-2009-3515 | 1 Marcin Manek | 1 D.net Cms | 2025-04-09 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in dnet_admin/index.php in d.net CMS allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the type parameter. | |||||
| CVE-2009-2931 | 1 Slideshowpro | 1 Director | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter. | |||||
| CVE-2008-1799 | 1 Sabros.us | 1 Sabros.us | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | |||||
| CVE-2007-4843 | 1 X-diesel | 1 Unreal Commander | 2025-04-09 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||