Total
7723 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3219 | 1 The-ghost | 1 Ar Web Content Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the a parameter. | |||||
| CVE-2008-0158 | 1 Shop-script | 1 Shop-script | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. | |||||
| CVE-2009-3425 | 1 Databay | 1 Maxcms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in includes/inc.thcms_admin_dirtree.php in MaxCMS 3.11.20b allows remote attackers to read arbitrary files via directory traversal sequences in the thCMS_root parameter. | |||||
| CVE-2009-2229 | 1 Kasseler-cms | 1 Kasseler Cms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 lite allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter during a download action, a different vector than CVE-2008-3087. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0729 | 1 Lingx | 1 Page Engine Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0371 | 1 Sitexs Cms | 1 Sitexs Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the type parameter. | |||||
| CVE-2008-4330 | 1 Lansuite | 1 Lansuite | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in LanSuite 3.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the design parameter. | |||||
| CVE-2008-1651 | 1 Myiosoft | 1 Easynews | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2009-0735 | 1 Papoo | 1 Papoo | 2025-04-09 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read and possibly execute arbitrary files via a .. (dot dot) in the pfadhier parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0602 | 1 All Club Cms | 1 All Club Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter. | |||||
| CVE-2007-6621 | 1 Joovili | 1 Joovili | 2025-04-09 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | |||||
| CVE-2008-6453 | 1 6rbscript | 1 6rbscript | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in section.php in 6rbScript 3.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | |||||
| CVE-2008-1119 | 1 Centreon | 1 Centreon | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | |||||
| CVE-2009-4050 | 1 Phpmybackuppro | 1 Phpmybackuppro | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-3967 | 1 Dirlist | 1 Dirlist Php | 2025-04-09 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in index.php in PHP Directory Lister (dirLIST) before 0.1.1 allows remote attackers to list the contents of a parent directory via a .. (dot dot) in the folder parameter. | |||||
| CVE-2008-4040 | 1 Kyocera Mita | 1 Fs 118mfp | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the Kyocera Command Center in Kyocera FS-118MFP allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2007-0205 | 1 Alexphpteam | 1 Alex Guestbook | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and earlier allows remote attackers to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for file inclusion by creating a skin file in the lang directory, then referencing that file via the lang parameter to index.php, which passes a sanity check in livre_include.php. | |||||
| CVE-2007-6528 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter. | |||||
| CVE-2008-5291 | 1 Fuzzylime | 1 Fuzzylime Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter, a different vector than CVE-2007-4805 and CVE-2008-3165. | |||||
| CVE-2008-0790 | 1 Intermate | 1 Winipds | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||