Total
7156 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4281 | 1 Vmware | 2 Esx, Esxi | 2025-04-09 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors. | |||||
| CVE-2007-3487 | 1 Hp | 1 Photo Digital Imaging Activex Control | 2025-04-09 | 6.4 MEDIUM | N/A |
| Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argument to the saveXMLAsFile method. | |||||
| CVE-2008-3071 | 1 Mybb | 1 Mybb | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable. | |||||
| CVE-2008-3333 | 1 Mantis | 1 Mantis | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in core/lang_api.php in Mantis before 1.1.2 allows remote attackers to include and execute arbitrary files via the language parameter to the user preferences page (account_prefs_update.php). | |||||
| CVE-2007-4726 | 1 Weboddity | 1 Weboddity | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2009-3219 | 1 The-ghost | 1 Ar Web Content Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the a parameter. | |||||
| CVE-2008-4351 | 1 Phpsmartcom | 1 Phpsmartcom | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in phpSmartCom 0.2 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the p parameter. | |||||
| CVE-2007-6582 | 1 C97net | 1 Mblog | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter in a page mode action. | |||||
| CVE-2009-1368 | 1 Mozilo | 1 Mozilocms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3. | |||||
| CVE-2008-2081 | 1 Siteman | 1 Siteman | 2025-04-09 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | |||||
| CVE-2008-5787 | 2 Arabportal, Microsoft | 2 Arab Portal, Windows | 2025-04-09 | 5.4 MEDIUM | N/A |
| Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, in conjunction with a show action. | |||||
| CVE-2009-1405 | 1 Pastel | 1 Pastelcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the set_lng parameter. | |||||
| CVE-2008-2116 | 1 Scriptsez | 1 Power Editor | 2025-04-09 | 4.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) te and (2) dir parameters in a tempedit action. | |||||
| CVE-2007-6268 | 1 Xigla | 1 Absolute News Manager.net | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in pages/default.aspx in Absolute News Manager.NET 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | |||||
| CVE-2008-2482 | 1 Insanevisions | 1 Onecms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in install_mod.php in insanevisions OneCMS 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter in a go action. | |||||
| CVE-2008-4419 | 1 Hp | 13 9200c Digital Sender, Color Laserjet 4370mfp, Color Laserjet 9500mfp and 10 more | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color LaserJet 4730mfp before firmware 46.200.9; LaserJet 2410, LaserJet 2420, and LaserJet 2430 before firmware 20080819 SPCL112A; LaserJet 4250 and LaserJet 4350 before firmware 20080819 SPCL015A; and LaserJet 9040 and LaserJet 9050 before firmware 20080819 SPCL110A allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | |||||
| CVE-2008-4522 | 1 Jesse-web | 1 Jmweb Mp3 Music Audio Search And Download Script | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php. | |||||
| CVE-2009-3583 | 1 Sql-ledger | 1 Sql-ledger | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the countrycode field. | |||||
| CVE-2008-2942 | 1 Mercurial | 1 Mercurial | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file. | |||||
| CVE-2008-6090 | 1 Scriptsez | 1 Mini Hosting Panel | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. (dot dot) in the dir parameter in a view action. | |||||