Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0464 | 1 Absofort | 1 Aconon Mail Enterprise Sql | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | |||||
| CVE-2007-1042 | 1 Xpression News | 1 Xpression News | 2025-04-09 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-2007 | 1 Dokeos | 1 Dokeos | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to (1) read portions of arbitrary files via a .. (dot dot) and a ..\ (dot dot backslash) in the lang parameter to main/exercice/hotspot_lang_conversion.php and (2) read arbitrary files via a .. (dot dot) in the doc_url parameter to main/exercice/Hpdownload.php. | |||||
| CVE-2008-1571 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | |||||
| CVE-2009-3211 | 1 Dimofinf | 1 Infinity Script | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI. | |||||
| CVE-2009-2081 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in help.php in phpWebThings 1.5.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter. | |||||
| CVE-2009-1624 | 1 Dew-code | 1 Dew-newphplinks | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the show parameter. | |||||
| CVE-2009-1873 | 1 Adobe | 1 Jrun | 2025-04-09 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter. | |||||
| CVE-2008-5748 | 1 Bloofox | 1 Bloofoxcms | 2025-04-09 | 4.3 MEDIUM | 8.1 HIGH |
| Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters. | |||||
| CVE-2007-5826 | 1 Edraw | 1 Flowchart Activex | 2025-04-09 | 9.3 HIGH | N/A |
| Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420. | |||||
| CVE-2007-5050 | 1 Neuron News | 1 Neuron News | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the q parameter. | |||||
| CVE-2007-5920 | 1 Picoflat Cms | 1 Picoflat Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload files by including pico_insert.php or unspecified other administrative scripts. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0654 | 1 Azucar Cms | 1 Azucar Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Azucar CMS 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _VIEW (view) parameter to (1) index.php, (2) html/sitio/index.php, or (3) src/sistema/vistas/template/tpl_inicio.php. | |||||
| CVE-2007-6648 | 1 Sanybee Gallery | 1 Sanybee Gallery | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | |||||
| CVE-2008-0905 | 1 Meo | 1 Globsy | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2008-5819 | 1 Edreamers | 1 Ednews | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6212 | 1 Google | 1 Kml | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the layer parameter. | |||||
| CVE-2008-2978 | 1 Ourvideocms | 1 Ourvideo Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter. | |||||
| CVE-2008-5570 | 1 Php Multiple Newsletters | 1 Php Multiple Newsletters | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PHP Multiple Newsletters 2.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2008-6313 | 1 Phpaddedit | 1 Phpaddedit | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in addedit-render.php in phpAddEdit 1.3, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a URL in the editform parameter. NOTE: PHP remote file inclusion attacks are also likely. | |||||