Total
8526 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5782 | 1 Fireconfig | 1 Fireconfig | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in dl.php in FireConfig 0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2008-0332 | 1 Aria | 1 Aria | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in arias/help/effect.php in aria 0.99-6 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | |||||
| CVE-2007-4545 | 1 X-diesel | 1 Unreal Commander | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Unreal Commander 0.92 build 565 and 573 allow user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) ZIP or (2) RAR archive. | |||||
| CVE-2009-2659 | 1 Django Project | 1 Django | 2025-04-09 | 5.0 MEDIUM | N/A |
| The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL. | |||||
| CVE-2007-0893 | 1 Matthieu Aubry | 1 Phpmyvisites | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading ".." sequences on the pmv_ck_view COOKIE parameter, which bypasses the protection scheme. | |||||
| CVE-2009-4216 | 1 Klinza | 1 Klinza Professional Cms | 2025-04-09 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter. | |||||
| CVE-2006-5149 | 1 Openbiblio | 1 Openbiblio | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in OpenBiblio before 0.5.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the page parameter to shared/help.php or (2) the tab parameter to shared/header.php. | |||||
| CVE-2008-0091 | 1 Agency4net | 1 Webftp | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2007-6604 | 1 Xcms | 1 Xcms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the s parameter to the admin page or (2) the pg parameter to an arbitrary module, as demonstrated by reading a password hash in a .dtb file under dati/membri/ or by executing embedded PHP code in images under uploads/avatar/. | |||||
| CVE-2007-4062 | 1 Nessus | 1 Vulnerability Scanner | 2025-04-09 | 7.8 HIGH | N/A |
| The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via unspecified vectors involving the deleteNessusRC method, probably a directory traversal vulnerability. | |||||
| CVE-2007-5694 | 1 Sitebar | 1 Sitebar | 2025-04-09 | 6.8 MEDIUM | N/A |
| Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491. | |||||
| CVE-2008-4602 | 1 Qualityunit | 1 Post Affiliate Pro | 2025-04-09 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter. | |||||
| CVE-2009-2151 | 1 Adaptweb | 1 Adaptweb | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the newlang parameter. | |||||
| CVE-2009-2600 | 1 Akiva | 1 Webboard | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in view.php in Webboard 2.90 beta and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter. | |||||
| CVE-2009-0640 | 1 Swannsecurity | 1 Dvr4-securanet | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by reading the vy_netman.cfg file that contains passwords. | |||||
| CVE-2008-4421 | 1 Hammer-software | 1 Metagauge | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably other versions before 1.0.3.38, allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the URL. | |||||
| CVE-2009-2552 | 1 Supersimple | 1 Super Simple Blog Script | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter. | |||||
| CVE-2007-4843 | 1 X-diesel | 1 Unreal Commander | 2025-04-09 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2007-4718 | 1 Claroline | 1 Claroline | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||||
| CVE-2007-6471 | 1 Phpay | 1 Phpay | 2025-04-09 | 5.8 MEDIUM | N/A |
| Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on Windows allows remote attackers to conduct directory traversal attacks and include and execute arbitrary local files via a ..\ (dot dot backslash) in the config parameter. | |||||