Total
7229 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1799 | 1 Sabros.us | 1 Sabros.us | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | |||||
| CVE-2008-0158 | 1 Shop-script | 1 Shop-script | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. | |||||
| CVE-2007-4805 | 1 Fuzzylime | 1 Fuzzylime | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the p parameter. | |||||
| CVE-2008-5587 | 1 Phppgadmin | 1 Phppgadmin | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php. | |||||
| CVE-2009-3507 | 1 Jean-michel Wyttenbach | 1 Cmsphp | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter. | |||||
| CVE-2009-0340 | 1 Quirm | 1 Simple Php Newsletter | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php. | |||||
| CVE-2009-0286 | 1 Opengoo | 1 Opengoo | 2025-04-09 | 2.6 LOW | N/A |
| Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter. | |||||
| CVE-2008-3727 | 1 Microworld Technologies | 1 Mailscan | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2010-0012 | 3 Debian, Opensuse, Transmissionbt | 3 Debian Linux, Opensuse, Transmission | 2025-04-09 | 6.8 MEDIUM | 8.8 HIGH |
| Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file. | |||||
| CVE-2009-4435 | 1 Compmaster.prv.pl | 1 F3site | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php. | |||||
| CVE-2008-6926 | 2 Cpanel, Netenberg | 2 Cpanel, Fantastico De Luxe | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action. NOTE: this issue only crosses privilege boundaries when security settings such as disable_functions and safe_mode are active, since exploitation requires uploading of executable code to a home directory. | |||||
| CVE-2008-0252 | 1 Cherrypy | 1 Cherrypy | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie. | |||||
| CVE-2008-0814 | 1 Truc | 1 Truc | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the upload_filename parameter. | |||||
| CVE-2008-0231 | 1 Tuned Studios | 7 Classic Theme, Endless, Freeze Theme and 4 more | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page parameter. NOTE: this can be leveraged for remote file inclusion when running in some PHP 5 environments. | |||||
| CVE-2007-5826 | 1 Edraw | 1 Flowchart Activex | 2025-04-09 | 9.3 HIGH | N/A |
| Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420. | |||||
| CVE-2007-5103 | 1 Wordsmith | 1 Wordsmith | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _path parameter. | |||||
| CVE-2009-1456 | 1 Stephane Rajalu | 1 Malleo | 2025-04-09 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in admin.php in Malleo 1.2.3 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | |||||
| CVE-2009-4434 | 1 Idevspot | 1 Isupport | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in IDevSpot iSupport 1.8 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter. | |||||
| CVE-2008-3710 | 1 Hotscripts | 1 Cyboards Php Lite | 2025-04-09 | 5.1 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path parameter to (a) options.php and the (2) lang_code parameter to (b) copy_vip.php and (c) process_edit_board.php in adminopts/. NOTE: some of these vectors might not be vulnerabilities under proper installation. | |||||
| CVE-2007-5776 | 1 Blue-collar Productions | 1 I-gallery | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence. | |||||