Total
8589 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0813 | 1 Xpweb | 1 Xpweb | 2025-04-09 | N/A |
| Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | ||||
| CVE-2007-6672 | 1 Mortbay Jetty | 1 Jetty | 2025-04-09 | N/A |
| Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI. | ||||
| CVE-2007-5823 | 1 Scribe | 1 Scribe | 2025-04-09 | N/A |
| Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the username parameter in a Register action. | ||||
| CVE-2008-2045 | 1 Sugarcrm | 1 Sugarcrm | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory. | ||||
| CVE-2008-4528 | 1 Phlatline | 1 Personal Information Manager | 2025-04-09 | N/A |
| Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action. | ||||
| CVE-2008-5919 | 1 Tigris | 1 Websvn | 2025-04-09 | N/A |
| Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter. | ||||
| CVE-2009-3583 | 1 Sql-ledger | 1 Sql-ledger | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the countrycode field. | ||||
| CVE-2008-3128 | 1 Pivot | 1 Pivot | 2025-04-09 | N/A |
| Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter. | ||||
| CVE-2008-4346 | 1 Talkback | 1 Talkback | 2025-04-09 | N/A |
| Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to comments.php, a different vector than CVE-2008-3371. | ||||
| CVE-2008-5418 | 2 Justin Roy, Punbb | 2 Punportal Module, Punbb | 2025-04-09 | N/A |
| Directory traversal vulnerability in login.php in the PunPortal module before 2.0 for PunBB allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter. | ||||
| CVE-2008-6308 | 1 Punbb | 2 Private Messaging System, Punbb | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and earlier for PunBB allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) header_new_messages.php, (3) profile_send.php, and (4) viewtopic_PM-link.php in include/pms/. | ||||
| CVE-2008-1651 | 1 Myiosoft | 1 Easynews | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2009-0423 | 1 Kevin Walker | 1 Php Photo Album | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the preview parameter. | ||||
| CVE-2008-6410 | 1 Brian Wilson | 1 Ol\'bookmarks | 2025-04-09 | N/A |
| Directory traversal vulnerability in show.php in ol'bookmarks manager 0.7.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the show parameter. | ||||
| CVE-2007-5465 | 1 Mydoop | 1 Doop Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component. | ||||
| CVE-2008-0819 | 1 Plutostatus | 1 Plutostatus Locator | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-4489 | 1 Atarone | 1 Atarone | 2025-04-09 | N/A |
| Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2110 | 1 Jnmsolutions | 1 Db Top Sites | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the u parameter to (1) full.php, (2) index.php, and (3) contact.php. | ||||
| CVE-2008-1891 | 1 Ruby-lang | 1 Ruby | 2025-04-09 | N/A |
| Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. | ||||
| CVE-2008-0393 | 1 Gradman | 1 Gradman | 2025-04-09 | N/A |
| Directory traversal vulnerability in info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter, a different vector than CVE-2008-0361. | ||||