Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1933 | 1 Microsoft | 1 Zune Software | 2025-04-09 | 4.3 MEDIUM | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in Zune allows user-assisted remote attackers to overwrite arbitrary files via the SaveToFile method. NOTE: the victim must explicitly allow the code to run. | |||||
| CVE-2008-0946 | 1 Ipswitch | 2 Imserver, Instant Messaging | 2025-04-09 | 4.9 MEDIUM | N/A |
| Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field. | |||||
| CVE-2007-6369 | 1 Wordpress | 1 Pictpress | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in resize.php in the PictPress 0.91 and earlier plugin for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) size or (2) path parameter. | |||||
| CVE-2007-6567 | 1 Xzero Scripts | 1 Xzero Community Classifieds | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter in a page view action. | |||||
| CVE-2009-1222 | 1 Webedition | 1 Webedition | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter. | |||||
| CVE-2008-0545 | 1 Bubbling Library | 1 Bubbling Library | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) uri parameter to (a) yui-menu.tpl.php, (b) simple.tpl.php, and (c) advanced.tpl.php in dispatcher/framework/; and the (2) page parameter to (d) yui-menu.php, (e) simple.php, and (f) advanced.php in dispatcher/framework/, different vectors than CVE-2008-0521. | |||||
| CVE-2008-4668 | 1 Joomla | 2 Com Imagebrowser, Joomla | 2025-04-09 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php. | |||||
| CVE-2007-5674 | 1 Instaguide | 1 Weather | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in InstaGuide Weather (aka Weather for PHP) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PageName parameter. | |||||
| CVE-2009-1479 | 1 Boxalino | 1 Boxalino | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in client/desktop/default.htm in Boxalino before 09.05.25-0421 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | |||||
| CVE-2008-0840 | 1 Publicwarehouse | 1 Lightblog | 2025-04-09 | 4.4 MEDIUM | N/A |
| Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the username parameter. | |||||
| CVE-2009-2222 | 1 Php.s3 | 1 Php-i-board | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors, probably related to mail. | |||||
| CVE-2008-0501 | 1 Sourceforge | 1 Phpmyclub | 2025-04-09 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in phpMyClub 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page_courante parameter to the top-level URI. | |||||
| CVE-2009-2925 | 1 Djcalendar | 1 Djcalendar | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in DJcalendar.cgi in DJCalendar allows remote attackers to read arbitrary files via a .. (dot dot) in the TEMPLATE parameter. | |||||
| CVE-2008-6668 | 1 Dirk Bartley | 1 Nweb2fax | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) id parameter to comm.php and (2) var_filename parameter to viewrq.php. | |||||
| CVE-2008-2969 | 1 Yektaweb | 1 Academic Web Tools | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the dfile parameter. | |||||
| CVE-2008-6884 | 1 Xoops | 1 Xoops | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter to (1) blocks.php and (2) main.php in xoops_lib/modules/protector/. | |||||
| CVE-2007-6323 | 1 Mms Gallery | 1 Mms Gallery Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) get_file.php in mms_template/. | |||||
| CVE-2008-2942 | 1 Mercurial | 1 Mercurial | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file. | |||||
| CVE-2008-2512 | 1 Symantec | 1 Backupexec System Recovery | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2009-0592 | 1 Pnphpbb | 1 Pnphpbb2 | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4) admin_ranks.php, (5) admin_styles.php, and (6) admin_users.php in admin/. | |||||