Total
7186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0357 | 1 Galaxyscripts | 1 Mini File Host | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | |||||
| CVE-2007-6184 | 1 Project Alumni | 1 Project Alumni | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Project Alumni 1.0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter. | |||||
| CVE-2008-2978 | 1 Ourvideocms | 1 Ourvideo Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter. | |||||
| CVE-2008-6424 | 1 Jun Sota | 1 Ffftp | 2025-04-09 | 8.8 HIGH | N/A |
| Directory traversal vulnerability in FFFTP 1.96b allows remote FTP servers to create or overwrite arbitrary files via a response to an FTP LIST command with a filename that contains a .. (dot dot). | |||||
| CVE-2007-6368 | 1 Ezcontents | 1 Ezcontents | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in ezContents 1.4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the link parameter. | |||||
| CVE-2009-1246 | 1 Blogplus | 1 Blogplus | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php; (2) row_mysql_blocks_center_top[file] includes/parameter to block_center_top.php; (3) row_mysql_blocks_left[file] parameter to includes/block_left.php; (4) row_mysql_blocks_right[file] parameter to includes/block_right.php; and row_mysql_bloginfo[theme] parameter to (5) includes/window_down.php and (6) includes/window_top.php. | |||||
| CVE-2008-0435 | 1 Ozjournals | 1 Ozjournals | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in OZJournals 2.1.1 allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the id parameter in a printpreview action. | |||||
| CVE-2007-5174 | 1 Actsite | 1 Actsite | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in phpinc/news.php in actSite 1.56 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the do parameter. | |||||
| CVE-2008-3205 | 1 Easy-script | 1 Wysi Wiki Wyg | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. | |||||
| CVE-2008-2687 | 1 Promanager | 1 Promanager | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in inc/config.php in ProManager 0.73 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||||
| CVE-2007-5017 | 1 Yahoo | 1 Messenger | 2025-04-09 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in the CYFT object in ft60.dll in Yahoo! Messenger 8.1.0.421 allows remote attackers to force a download, and create or overwrite arbitrary files via a full pathname in the second argument to the GetFile method. | |||||
| CVE-2008-4522 | 1 Jesse-web | 1 Jmweb Mp3 Music Audio Search And Download Script | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php. | |||||
| CVE-2009-0535 | 1 Extrosoft | 1 Thyme | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the export_to parameter. | |||||
| CVE-2009-0442 | 1 Phpbbbook | 1 Phpbbbook | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in bbcode.php in PHPbbBook 1.3 and 1.3h allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter. | |||||
| CVE-2010-0157 | 2 Joomla, Joomlabiblestudy | 2 Joomla\!, Com Biblestudy | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php. | |||||
| CVE-2007-6567 | 1 Xzero Scripts | 1 Xzero Community Classifieds | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter in a page view action. | |||||
| CVE-2007-5813 | 1 Ispworker | 1 Ispworker | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in download.php in ISPworker 1.21 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ticketid and (2) filename parameters. | |||||
| CVE-2009-3211 | 1 Dimofinf | 1 Infinity Script | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI. | |||||
| CVE-2007-5417 | 1 Boastmachine | 1 Boastmachine | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in boastMachine (aka bMachine) 2.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | |||||
| CVE-2009-4421 | 1 Alexander Palmo | 1 Simple Php Blog | 2025-04-09 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in languages_cgi.php in Simple PHP Blog 0.5.1 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the blog_language1 parameter. | |||||