Total
8016 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2483 | 1 Xomol | 1 Xomol Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the op parameter. | ||||
| CVE-2009-3702 | 1 Php-calendar | 1 Php-calendar | 2025-04-09 | N/A |
| Multiple absolute path traversal vulnerabilities in PHP-Calendar 1.1 allow remote attackers to include and execute arbitrary local files via a full pathname in the configfile parameter to (1) update08.php or (2) update10.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
| CVE-2009-3694 | 1 Jdtmmsm | 1 Ezrecipe-zee | 2025-04-09 | N/A |
| Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter. | ||||
| CVE-2009-3693 | 2 Hp, Persits | 2 Loadrunner, Xupload | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method. | ||||
| CVE-2009-3664 | 1 Nullam | 1 Nullam Blog | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters. | ||||
| CVE-2009-3583 | 1 Sql-ledger | 1 Sql-ledger | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the countrycode field. | ||||
| CVE-2008-6734 | 1 Keller Web Admin | 1 Kwa | 2025-04-09 | N/A |
| Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | ||||
| CVE-2008-2876 | 1 Munky | 1 Munky | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in mUnky 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the zone parameter. | ||||
| CVE-2006-6725 | 1 Phpbuilder | 1 Phpbuilder | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) lib/htm2php.php and (2) sitetools/htm2php.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-3561 | 1 Xerver | 1 Xerver | 2025-04-09 | N/A |
| Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action. | ||||
| CVE-2009-3451 | 1 Radactive | 1 I-load | 2025-04-09 | N/A |
| Directory traversal vulnerability in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2009-3366 | 1 Plohni | 1 An Image Gallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in navigation.php in An image gallery 1.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the path parameter. | ||||
| CVE-2008-2403 | 1 Sun | 1 Java Asp Server | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method. | ||||
| CVE-2009-3216 | 1 Wiccle | 1 Iwiccle | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in iWiccle 1.01, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the show parameter to the admin module, reachable through index.php; or (2) the module parameter to index.php. | ||||
| CVE-2009-3151 | 1 Ultrize | 1 Timesheet | 2025-04-09 | N/A |
| Directory traversal vulnerability in actions/downloadFile.php in Ultrize TimeSheet 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter. | ||||
| CVE-2009-3149 | 1 Curveriderhq | 1 Elgg | 2025-04-09 | N/A |
| Directory traversal vulnerability in _css/js.php in Elgg 1.5, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the js parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1502 | 1 Matteoiammarrone | 1 S-cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | ||||
| CVE-2009-3123 | 1 Visavi | 1 Wap-motor | 2025-04-09 | N/A |
| Directory traversal vulnerability in gallery/gallery.php in Wap-Motor before 18.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the image parameter. | ||||
| CVE-2009-2923 | 1 Bitmixsoft | 1 Php-lance | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in BitmixSoft PHP-Lance 1.52 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to show.php and (2) in parameter to advanced_search.php. | ||||
| CVE-2009-2922 | 1 Pixaria | 1 Pixaria Gallery | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in pixaria.image.php in Pixaria Gallery 2.0.0 through 2.3.5 allows remote attackers to read arbitrary files via a base64-encoded file parameter. | ||||