Total
8033 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4986 | 1 In-portal | 1 In-portal | 2025-04-11 | N/A |
| Directory traversal vulnerability in index.php in In-Portal 4.3.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the env parameter. | ||||
| CVE-2009-4978 | 1 Tufat | 1 Mybackup | 2025-04-11 | N/A |
| Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2009-4974 | 1 Sweetphp | 1 Totalcalendar | 2025-04-11 | N/A |
| Directory traversal vulnerability in box_display.php in TotalCalendar 2.4 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the box parameter. | ||||
| CVE-2012-2139 | 2 Cloudforms Cloudengine, Rubygems | 2 1, Mail Gem | 2025-04-11 | N/A |
| Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter. | ||||
| CVE-2009-4952 | 2 Serge Gebhardt, Typo3 | 2 Dir Listing, Typo3 | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Directory Listing (dir_listing) extension 1.1.0 and earlier for TYPO3 allows remote attackers to have an unspecified impact via unknown vectors. | ||||
| CVE-2009-4896 | 1 Mlmmj | 1 Mlmmj | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. (dot dot) in a list name in a (1) edit or (2) save action. | ||||
| CVE-2009-4790 | 1 Sysax | 1 Multi Server | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-4815 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | ||||
| CVE-2009-4725 | 1 Arabportal | 1 Arab Portal | 2025-04-11 | N/A |
| Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | ||||
| CVE-2009-4723 | 1 Netpet | 1 Netpet Cms | 2025-04-11 | N/A |
| Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2009-4679 | 2 Inertialfate, Joomla | 2 Com If Nexus, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2009-4665 | 1 Cutesoft Components | 1 Cute Editor For Asp.net | 2025-04-11 | N/A |
| Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2009-5067 | 1 Html2ps Project | 1 Html2ps | 2025-04-11 | N/A |
| Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a user-assisted attacker provides filenames whose contents could cause a denial of service, such as certain devices. | ||||
| CVE-2009-4946 | 2 Joomla, Thetricky | 2 Joomla\!, Com Messaging | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter in a messages action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1475 | 2 Joomla, Ternaria | 2 Joomla\!, Com Preventive | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2013-5688 | 1 Ajaxplorer | 1 Ajaxplorer | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the file parameter in a (1) download or (2) get_content action, or (3) upload arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the dir parameter in an upload action. | ||||
| CVE-2013-1904 | 1 Roundcube | 1 Webmail | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _value parameter for the generic_message_footer setting in a save-perf action to index.php, as exploited in the wild in March 2013. | ||||
| CVE-2010-3490 | 1 Sangoma | 1 Freepbx | 2025-04-11 | N/A |
| Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to admin/config.php, as demonstrated by creating a .php file under the web root. | ||||
| CVE-2009-2693 | 2 Apache, Redhat | 5 Tomcat, Certificate System, Enterprise Linux and 2 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry. | ||||
| CVE-2009-4726 | 1 Olivier Michaud Pierre-yves | 1 Quickdev4php | 2025-04-11 | N/A |
| Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||