Total
7229 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5116 | 1 Sun | 1 Java System Identity Manager | 2025-04-09 | 7.8 HIGH | N/A |
Directory traversal vulnerability in idm/includes/helpServer.jsp in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to read arbitrary files in the filesystem of the IDM server via directory traversal sequences in the ext parameter. | |||||
CVE-2007-6453 | 1 Raiden Professional Servers | 1 Raidenhttpd | 2025-04-09 | 10.0 HIGH | N/A |
Directory traversal vulnerability in raidenhttpd-admin/workspace.php in RaidenHTTPD 2.0.19, when the WebAdmin function is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ulang parameter. | |||||
CVE-2009-3898 | 2 F5, Nginx | 2 Nginx, Nginx | 2025-04-09 | 4.9 MEDIUM | N/A |
Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method. | |||||
CVE-2008-4486 | 1 Yerba | 1 Yerba | 2025-04-09 | 10.0 HIGH | N/A |
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter. | |||||
CVE-2008-7090 | 1 Pligg | 1 Pligg Cms | 2025-04-09 | 7.8 HIGH | N/A |
Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier allow remote attackers to (1) determine the existence of arbitrary files via a .. (dot dot) in the $tb_url variable in trackback.php, or (2) include arbitrary files via a .. (dot dot) in the template parameter to settemplate.php. | |||||
CVE-2008-0431 | 1 Idmos | 1 Idmos Cms | 2025-04-09 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in administrator/download.php in IDMOS (aka Phoenix) 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter. | |||||
CVE-2008-4592 | 1 Sportspanel | 1 Sports Clubs Web Portal | 2025-04-09 | 10.0 HIGH | N/A |
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter. | |||||
CVE-2008-6177 | 1 Publicwarehouse | 1 Lightblog | 2025-04-09 | 6.8 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) username parameter to view_member.php, (2) username_post parameter to login.php, and the (3) Lightblog_username cookie parameter to check_user.php. | |||||
CVE-2008-2185 | 1 Toocharger | 1 Smartblog | 2025-04-09 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to include arbitrary local files via directory traversal sequences in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-2658 | 1 Znc | 1 Znc | 2025-04-09 | 7.5 HIGH | N/A |
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request. | |||||
CVE-2007-1138 | 1 Cromosoft | 1 Simple Plantilla Php | 2025-04-09 | 5.0 MEDIUM | N/A |
Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter. | |||||
CVE-2008-2985 | 1 Cmreams | 1 Cmreams Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page_language parameter. | |||||
CVE-2007-3487 | 1 Hp | 1 Photo Digital Imaging Activex Control | 2025-04-09 | 6.4 MEDIUM | N/A |
Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argument to the saveXMLAsFile method. | |||||
CVE-2008-5201 | 1 Otmanager | 1 Otmanager Cms | 2025-04-09 | 7.5 HIGH | N/A |
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
CVE-2008-0427 | 1 Bloo | 1 Bloofoxcms | 2025-04-09 | 7.8 HIGH | N/A |
Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
CVE-2008-1231 | 1 Jspwiki | 1 Jspwiki | 2025-04-09 | 9.3 HIGH | N/A |
Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter. | |||||
CVE-2008-0396 | 1 Bitdefender | 1 Update Server | 2025-04-09 | 7.8 HIGH | N/A |
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request. | |||||
CVE-2009-1222 | 1 Webedition | 1 Webedition | 2025-04-09 | 5.1 MEDIUM | N/A |
Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter. | |||||
CVE-2008-2076 | 1 Actualscripts | 1 Actualanalyzer Lite | 2025-04-09 | 7.5 HIGH | N/A |
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter. | |||||
CVE-2007-4764 | 1 Pawfaliki | 1 Pawfaliki | 2025-04-09 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 allows remote attackers to list arbitrary files via a .. (dot dot) in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |