Total
8718 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3179 | 1 W2b | 1 Phpdatingclub | 2025-04-09 | N/A |
| Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-7084 | 1 Hirschelectronics | 1 Velocity Security Management System | 2025-04-09 | N/A |
| Directory traversal vulnerability in the web server 1.0 in Velocity Security Management System allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2008-6317 | 1 Phpmygallery | 1 Phpmygallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf[lang] parameter, a different issue than CVE-2008-6318. NOTE: this might be the same issue as CVE-2008-6316. | ||||
| CVE-2008-4501 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command. | ||||
| CVE-2008-6833 | 1 Fuzzylime | 1 Fuzzylime \(cms\) | 2025-04-09 | N/A |
| Directory traversal vulnerability in commsrss.php in fuzzylime (cms) before 3.01b allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in a files array element for a blogs action, as demonstrated by the files[0] parameter. | ||||
| CVE-2007-1042 | 1 Xpression News | 1 Xpression News | 2025-04-09 | N/A |
| Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5818 | 1 Edreamers | 1 Edcontainer | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in eDreamers eDContainer 2.22, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0465 | 1 Seagullproject.org | 1 Seagull | 2025-04-09 | N/A |
| Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter. | ||||
| CVE-2008-5819 | 1 Edreamers | 1 Ednews | 2025-04-09 | N/A |
| Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3776 | 1 Fujitsu | 1 Web Based Admin View | 2025-04-09 | N/A |
| Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2008-6074 | 1 Phpcrs | 1 Phpcrs | 2025-04-09 | N/A |
| Directory traversal vulnerability in frame.php in phpcrs 2.06 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the importFunction parameter. | ||||
| CVE-2007-6552 | 1 Auracms | 1 Auracms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/admin_users.php to bypass a protection mechanism against direct request. | ||||
| CVE-2008-6083 | 1 Txtshop | 1 Txtshop | 2025-04-09 | N/A |
| Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2008-0464 | 1 Absofort | 1 Aconon Mail Enterprise Sql | 2025-04-09 | N/A |
| Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2008-6089 | 1 Scriptsez | 1 Easy Image Downloader | 2025-04-09 | N/A |
| Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a download action. | ||||
| CVE-2009-0645 | 1 Jaws | 1 Jaws | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445. | ||||
| CVE-2008-5860 | 1 Constructr | 1 Constructr-cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the edit_file parameter. | ||||
| CVE-2008-4155 | 1 Easybrik | 1 Easysite | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in EasySite 2.3 allow remote attackers to read arbitrary files or list directories via a .. (dot dot) in the (1) module or (2) action parameter in (a) www/index.php; the (3) module, (4) ss_module, or (5) ss_action parameter in (b) modules/Module/index.php or (c) modules/Themes/index.php; or the (6) module parameter in (d) inc/vmenu.php. | ||||
| CVE-2008-5862 | 1 Webcamxp | 1 Webcamxp | 2025-04-09 | N/A |
| Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI. | ||||
| CVE-2008-4151 | 1 Cyask | 1 Cyask | 2025-04-09 | N/A |
| Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. (dot dot) in the neturl parameter. | ||||