Total
7615 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2699 | 1 Gwm | 1 Galatolo Webmanager | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Galatolo WebManager (GWM) 1.0 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in (1) the plugin parameter to admin/plugins.php or (2) the com parameter to index.php. | ||||
| CVE-2008-1178 | 1 Centreon | 1 Centreon | 2025-04-09 | N/A |
| Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2008-1119. | ||||
| CVE-2009-0841 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-09 | N/A |
| Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter. | ||||
| CVE-2007-4271 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following. | ||||
| CVE-2008-0813 | 1 Xpweb | 1 Xpweb | 2025-04-09 | N/A |
| Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | ||||
| CVE-2008-7084 | 1 Hirschelectronics | 1 Velocity Security Management System | 2025-04-09 | N/A |
| Directory traversal vulnerability in the web server 1.0 in Velocity Security Management System allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2006-6047 | 1 Etomite | 1 Etomite | 2025-04-09 | N/A |
| Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php. | ||||
| CVE-2007-5461 | 2 Apache, Redhat | 8 Tomcat, Certificate System, Enterprise Linux and 5 more | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag. | ||||
| CVE-2008-1169 | 1 Simm-comm | 1 Sci Photo Chat | 2025-04-09 | N/A |
| Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command. | ||||
| CVE-2008-2695 | 1 Phpinv | 1 Phpinv | 2025-04-09 | N/A |
| Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | ||||
| CVE-2008-4501 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command. | ||||
| CVE-2009-2552 | 1 Supersimple | 1 Super Simple Blog Script | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter. | ||||
| CVE-2009-0286 | 1 Opengoo | 1 Opengoo | 2025-04-09 | N/A |
| Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter. | ||||
| CVE-2008-1145 | 3 Fedoraproject, Redhat, Ruby-lang | 4 Fedora, Enterprise Linux, Ruby and 1 more | 2025-04-09 | N/A |
| Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1) "..%5c" (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. | ||||
| CVE-2008-1125 | 1 Podcast Generator | 1 Podcast Generator | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) theme_path parameter to core/themes.php and the (2) filename parameter to download.php. | ||||
| CVE-2006-6725 | 1 Phpbuilder | 1 Phpbuilder | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) lib/htm2php.php and (2) sitetools/htm2php.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1119 | 1 Centreon | 1 Centreon | 2025-04-09 | N/A |
| Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | ||||
| CVE-2008-1702 | 1 E107 | 2 E107, My Gallery | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in dload.php in the my_gallery 2.3 plugin for e107 allows remote attackers to obtain sensitive information via a full pathname in the file parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4499 | 1 Php Web Explorer | 1 Php Web Explorer Lite | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php. | ||||
| CVE-2007-1773 | 1 Unverse.net | 1 Abitwhizzy | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list arbitrary directories via a .. (dot dot) in the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php, different vectors than CVE-2006-6384. | ||||