Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6090 | 1 Scriptsez | 1 Mini Hosting Panel | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. (dot dot) in the dir parameter in a view action. | |||||
| CVE-2008-5997 | 1 Ocp2 | 1 Omnicom Content Platform | 2025-04-09 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in admin/fileKontrola/browser.asp in Omnicom Content Platform (OCP) 2.0 allows remote attackers to list arbitrary directories via a full pathname in the root parameter. | |||||
| CVE-2008-2635 | 1 Barad Dur | 1 Bitkinex | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. (dot dot) in (1) a response to a LIST command from the BitKinex FTP client and (2) a response to a PROPFIND command from the BitKinex WebDAV client. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2007-5831 | 1 Ssl-explorer | 1 Ssl-explorer | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in fileSystem.do in SSL-Explorer before 0.2.14 allows remote attackers to access arbitrary files via directory traversal sequences in the path parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2887 | 1 Chaozzatwork | 1 Fubarforum | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-7084 | 1 Hirschelectronics | 1 Velocity Security Management System | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server 1.0 in Velocity Security Management System allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2008-5919 | 1 Tigris | 1 Websvn | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter. | |||||
| CVE-2009-3219 | 1 The-ghost | 1 Ar Web Content Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the a parameter. | |||||
| CVE-2008-0158 | 1 Shop-script | 1 Shop-script | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. | |||||
| CVE-2009-3425 | 1 Databay | 1 Maxcms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in includes/inc.thcms_admin_dirtree.php in MaxCMS 3.11.20b allows remote attackers to read arbitrary files via directory traversal sequences in the thCMS_root parameter. | |||||
| CVE-2009-2229 | 1 Kasseler-cms | 1 Kasseler Cms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 lite allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter during a download action, a different vector than CVE-2008-3087. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0729 | 1 Lingx | 1 Page Engine Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0371 | 1 Sitexs Cms | 1 Sitexs Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the type parameter. | |||||
| CVE-2008-4330 | 1 Lansuite | 1 Lansuite | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in LanSuite 3.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the design parameter. | |||||
| CVE-2008-1651 | 1 Myiosoft | 1 Easynews | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2009-0735 | 1 Papoo | 1 Papoo | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read and possibly execute arbitrary files via a .. (dot dot) in the pfadhier parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0602 | 1 All Club Cms | 1 All Club Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter. | |||||
| CVE-2007-6621 | 1 Joovili | 1 Joovili | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | |||||
| CVE-2008-6453 | 1 6rbscript | 1 6rbscript | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | |||||
| CVE-2008-1119 | 1 Centreon | 1 Centreon | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | |||||