Total
7183 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6080 | 2 Codecall, Joomla | 2 Com Ionfiles, Joomla | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2008-2459 | 1 Entertainmentscript | 1 Entertainmentscript | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in page.php in EntertainmentScript 1.4.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | |||||
| CVE-2008-4667 | 1 Arabcms | 1 Arabcms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the rss parameter. | |||||
| CVE-2009-1873 | 1 Adobe | 1 Jrun | 2025-04-09 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter. | |||||
| CVE-2007-4976 | 1 Coppermine | 1 Coppermine Photo Gallery | 2025-04-09 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter. | |||||
| CVE-2008-5860 | 1 Constructr | 1 Constructr-cms | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the edit_file parameter. | |||||
| CVE-2009-0330 | 1 Wss-pro | 1 Scms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | |||||
| CVE-2008-2076 | 1 Actualscripts | 1 Actualanalyzer Lite | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter. | |||||
| CVE-2008-0184 | 1 Prenotazioni On Line | 1 Syshotel On Line System | 2025-04-09 | 6.4 MEDIUM | N/A |
| Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter. | |||||
| CVE-2008-4526 | 1 Customcms | 1 Ccms | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php and (6) pages/poll.php. | |||||
| CVE-2007-6331 | 1 Hp | 2 Info Center, Quick Launch Button | 2025-04-09 | 9.3 HIGH | N/A |
| Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista. | |||||
| CVE-2007-4902 | 1 Ultra Shareware | 1 Ultra Crypto Component | 2025-04-09 | 6.4 MEDIUM | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allows remote attackers to write to arbitrary files via a full pathname in the argument to the SaveToFile method. | |||||
| CVE-2008-3776 | 1 Fujitsu | 1 Web Based Admin View | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2009-0841 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-09 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter. | |||||
| CVE-2008-6361 | 1 Insun Podcast | 1 Feedcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 19Beta allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter. | |||||
| CVE-2007-5465 | 1 Mydoop | 1 Doop Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component. | |||||
| CVE-2008-1555 | 1 Bolinos | 1 Bolinos | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter. | |||||
| CVE-2008-3593 | 1 Syzygycms | 1 Syzygycms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in SyzygyCMS 0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-6271 | 1 Tbmnet | 1 Tbmnetcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the content parameter. | |||||
| CVE-2009-0570 | 1 Ninjadesigns | 1 Mailist | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these details are obtained from third party information. | |||||