Total
7024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5927 | 1 Openbase International Ltd | 1 Openbase | 2025-04-09 | 9.0 HIGH | 8.1 HIGH |
| Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. (dot dot) in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926. | |||||
| CVE-2008-3165 | 1 Fuzzylime | 1 Fuzzylime Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805. | |||||
| CVE-2009-1368 | 1 Mozilo | 1 Mozilocms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3. | |||||
| CVE-2008-3293 | 1 Ezwebalbum | 1 Ezwebalbum | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter. | |||||
| CVE-2008-6516 | 1 Phpkf | 1 Phpkf-portal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2895 | 1 Aprox | 1 Aproxengine | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-0513 | 1 Phpcms | 1 Phpcms | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector than CVE-2005-1840. | |||||
| CVE-2007-4583 | 1 Acti | 1 Network Video Recorder | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or (2) delete arbitrary files via a full pathname in the argument to the DeleteXMLFile method. | |||||
| CVE-2008-6735 | 1 Thaiquickcart | 1 Thaiquickcart | 2025-04-09 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the sLanguage cookie. | |||||
| CVE-2008-0452 | 1 Siteman | 1 Siteman | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in articles.php in Siteman 1.1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the cat parameter in a viewart action. | |||||
| CVE-2007-6620 | 1 Joovili | 1 Joovili | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in include/images.inc.php in Joovili 2.x allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | |||||
| CVE-2008-5723 | 1 Cgi-rescue | 2 Kannibbs2000, Kannibbs2000i | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2008-4346 | 1 Talkback | 1 Talkback | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to comments.php, a different vector than CVE-2008-3371. | |||||
| CVE-2008-2974 | 1 Mm Chat | 1 Mm Chat | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter. | |||||
| CVE-2007-6552 | 1 Auracms | 1 Auracms | 2025-04-09 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/admin_users.php to bypass a protection mechanism against direct request. | |||||
| CVE-2007-6378 | 1 Badblue | 1 Badblue | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2008-1571 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | |||||
| CVE-2009-0592 | 1 Pnphpbb | 1 Pnphpbb2 | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4) admin_ranks.php, (5) admin_styles.php, and (6) admin_users.php in admin/. | |||||
| CVE-2007-1149 | 1 Lovecms | 1 Lovecms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI. | |||||
| CVE-2008-5272 | 1 Syndeocms | 1 Syndeocms | 2025-04-09 | 4.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, reached through starnet/index.php; and (3) starnet/modules/sn_newsletter/edit_content.php, reached through starnet/index.php. | |||||