Total
7185 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1076 | 1 Phptraffica | 1 Phptraffica | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php. | |||||
| CVE-2008-4712 | 1 Lnblog | 1 Lnblog | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the plugin parameter. | |||||
| CVE-2008-1125 | 1 Podcast Generator | 1 Podcast Generator | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) theme_path parameter to core/themes.php and the (2) filename parameter to download.php. | |||||
| CVE-2008-1119 | 1 Centreon | 1 Centreon | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | |||||
| CVE-2009-0865 | 1 Geovision | 1 Livex Activex Control | 2025-04-09 | 8.8 HIGH | N/A |
| Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods. | |||||
| CVE-2007-5069 | 1 Massimo Chioni | 1 Mobile Entertainment Module | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in data/compatible.php in the Nuke Mobile Entertainment 1 addon for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter. | |||||
| CVE-2008-1371 | 1 Drake Team | 1 Drake Cms | 2025-04-09 | 3.6 LOW | N/A |
| Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote attackers to read and execute arbitrary files via a full pathname in the d_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-4330 | 1 Lansuite | 1 Lansuite | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in LanSuite 3.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the design parameter. | |||||
| CVE-2007-1144 | 1 Comscripts | 1 J-web Pics Navigator | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter. | |||||
| CVE-2009-4192 | 1 Interspire | 1 Knowledge Manager | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in dialog/file_manager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-4764 | 2 Extplorer, Joomla | 2 Com Extplorer, Joomla\! | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action. | |||||
| CVE-2007-4271 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 2.1 LOW | N/A |
| Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following. | |||||
| CVE-2008-6139 | 1 Webbiscuits | 1 Modules Controller | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter. | |||||
| CVE-2007-6230 | 1 Rayzz | 1 Rayzz Script | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CFG[site][project_path] parameter. | |||||
| CVE-2008-1730 | 1 Arwscripts | 1 Gallery Script Lite | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path parameter. | |||||
| CVE-2009-2116 | 1 Skybluecanvas | 1 Skybluecanvas | 2025-04-09 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to list directory contents via a .. (dot dot) in the dir parameter. | |||||
| CVE-2008-5997 | 1 Ocp2 | 1 Omnicom Content Platform | 2025-04-09 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in admin/fileKontrola/browser.asp in Omnicom Content Platform (OCP) 2.0 allows remote attackers to list arbitrary directories via a full pathname in the root parameter. | |||||
| CVE-2008-0465 | 1 Seagullproject.org | 1 Seagull | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter. | |||||
| CVE-2009-0735 | 1 Papoo | 1 Papoo | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read and possibly execute arbitrary files via a .. (dot dot) in the pfadhier parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2863 | 1 Elinestudio | 1 Site Composer | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/. | |||||