Total
7615 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4374 | 1 Alienvault | 1 Open Source Security Information Management | 2025-04-09 | N/A |
| Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to upload files into arbitrary directories via a .. (dot dot) in the id_document parameter. | ||||
| CVE-2008-0513 | 1 Phpcms | 1 Phpcms | 2025-04-09 | N/A |
| Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector than CVE-2005-1840. | ||||
| CVE-2007-6528 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-09 | N/A |
| Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter. | ||||
| CVE-2009-2132 | 1 4homepages | 1 4images | 2025-04-09 | N/A |
| Directory traversal vulnerability in global.php in 4images before 1.7.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter. | ||||
| CVE-2008-0501 | 1 Sourceforge | 1 Phpmyclub | 2025-04-09 | N/A |
| Directory traversal vulnerability in phpMyClub 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page_courante parameter to the top-level URI. | ||||
| CVE-2009-4231 | 1 Basic-cms | 1 Sweetrice | 2025-04-09 | N/A |
| Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter. | ||||
| CVE-2009-4216 | 1 Klinza | 1 Klinza Professional Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter. | ||||
| CVE-2008-0489 | 1 Clansphere | 1 Clansphere | 2025-04-09 | N/A |
| Directory traversal vulnerability in install.php in Clansphere 2007.4.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2008-0481 | 1 Web Wiz | 1 Rich Text Editor | 2025-04-09 | N/A |
| Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter in a save action. | ||||
| CVE-2009-3534 | 1 Lionwiki | 1 Lionwiki | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2009-4116 | 1 Cutephp | 1 Cutenews | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is disabled, allow remote authenticated users with editor or administrative application access to read arbitrary files via a .. (dot dot) in the source parameter in a (1) list or (2) editnews action to the Editnews module, and (3) the save_con[skin] parameter in the Options module. NOTE: vector 3 can be leveraged for code execution by using a .. to include and execute arbitrary local files. | ||||
| CVE-2009-4053 | 1 Home Ftp Server Project | 1 Home Ftp Server | 2025-04-09 | 6.5 Medium |
| Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (2) create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-0479 | 1 Web Wiz | 1 Newspad | 2025-04-09 | N/A |
| Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz NewsPad 1.02 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter. | ||||
| CVE-2008-0478 | 1 Setcms | 1 Setcms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in SetCMS 3.6.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the set parameter, as demonstrated by sending a certain CLIENT_IP HTTP header in an enter action to index.php, and injecting PHP sequences into files/enter.set, which is then included by index.php. | ||||
| CVE-2009-4154 | 1 Elxis | 1 Elxis Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2009-3902 | 2 Cherokee, Microsoft | 2 Cherokee Httpd, Windows | 2025-04-09 | N/A |
| Directory traversal vulnerability in Cherokee Web Server 0.5.4 and earlier for Windows allows remote attackers to read arbitrary files via a /\.. (slash backslash dot dot) in the URL. | ||||
| CVE-2008-4155 | 1 Easybrik | 1 Easysite | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in EasySite 2.3 allow remote attackers to read arbitrary files or list directories via a .. (dot dot) in the (1) module or (2) action parameter in (a) www/index.php; the (3) module, (4) ss_module, or (5) ss_action parameter in (b) modules/Module/index.php or (c) modules/Themes/index.php; or the (6) module parameter in (d) inc/vmenu.php. | ||||
| CVE-2008-0459 | 1 Liquidsilvercms | 1 Liquidsilvercms | 2025-04-09 | N/A |
| Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the update parameter. | ||||
| CVE-2008-6843 | 2 Cpanel, Netenberg | 2 Cpanel, Fantastico De Luxe | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter. | ||||
| CVE-2008-4602 | 1 Qualityunit | 1 Post Affiliate Pro | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter. | ||||