Total
7723 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2151 | 1 Adaptweb | 1 Adaptweb | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the newlang parameter. | |||||
| CVE-2007-4957 | 1 Chupix | 1 Chupix Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3) repertoire parameter. | |||||
| CVE-2008-1565 | 2 Hotscripts, Phpbb | 2 Pjirc, Pjirc Module | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in forum/irc/irc.php in the PJIRC 0.5 module for phpBB allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter. | |||||
| CVE-2008-7240 | 1 Linuxwebshop | 1 Php User Base | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter. | |||||
| CVE-2009-3792 | 1 Adobe | 1 Flash Media Server | 2025-04-09 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors. | |||||
| CVE-2008-3390 | 1 Minishowcase | 1 Minishowcase Image Gallery | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in libraries/general.init.php in Minishowcase Image Gallery 09b136, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2010-0157 | 2 Joomla, Joomlabiblestudy | 2 Joomla\!, Com Biblestudy | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php. | |||||
| CVE-2008-4894 | 1 Tribiq | 1 Tribiq Cms | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the template_path parameter. NOTE: it was later reported that this issue also affects 5.0.12c. | |||||
| CVE-2009-1730 | 1 Netmechanica | 1 Netdecision Tftp Server | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command. | |||||
| CVE-2009-1319 | 1 Guestcal | 1 Guest Cal | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in includes/ini.inc.php in GuestCal 2.1 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the lang parameter to index.php. | |||||
| CVE-2008-4151 | 1 Cyask | 1 Cyask | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. (dot dot) in the neturl parameter. | |||||
| CVE-2007-1031 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3.4 allows remote attackers to include and execute arbitrary local files via the root parameter. | |||||
| CVE-2008-4419 | 1 Hp | 13 9200c Digital Sender, Color Laserjet 4370mfp, Color Laserjet 9500mfp and 10 more | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color LaserJet 4730mfp before firmware 46.200.9; LaserJet 2410, LaserJet 2420, and LaserJet 2430 before firmware 20080819 SPCL112A; LaserJet 4250 and LaserJet 4350 before firmware 20080819 SPCL015A; and LaserJet 9040 and LaserJet 9050 before firmware 20080819 SPCL110A allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | |||||
| CVE-2008-2666 | 1 Php | 1 Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function. | |||||
| CVE-2008-4740 | 1 Tinycms | 1 Tinycms | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[template] parameter. | |||||
| CVE-2009-3216 | 1 Wiccle | 1 Iwiccle | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in iWiccle 1.01, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the show parameter to the admin module, reachable through index.php; or (2) the module parameter to index.php. | |||||
| CVE-2008-2820 | 1 Azimyt | 1 Open Azimyt Cms | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in lang/lang-system.php in Open Azimyt CMS 0.22 minimal and 0.21 stable allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2008-2017 | 1 Chilkat Software | 1 Chicomas | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/. | |||||
| CVE-2007-4820 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2025-04-09 | 7.5 HIGH | N/A |
| Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter. | |||||
| CVE-2009-3181 | 1 Anantasoft | 1 Gazelle Cms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the customizetemplate parameter in a direct request to admin/settemplate.php. | |||||