Total
8015 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6167 | 1 Miniportail | 1 Miniportail | 2025-04-09 | N/A |
| Directory traversal vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lng parameter. | ||||
| CVE-2008-6177 | 1 Publicwarehouse | 1 Lightblog | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) username parameter to view_member.php, (2) username_post parameter to login.php, and the (3) Lightblog_username cookie parameter to check_user.php. | ||||
| CVE-2009-2258 | 1 Netgear | 2 Dg632, Dg632 Firmware | 2025-04-09 | N/A |
| Directory traversal vulnerability in cgi-bin/webcm in the administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to list arbitrary directories via a .. (dot dot) in the nextpage parameter. | ||||
| CVE-2008-0405 | 1 Hfs | 1 Http File Server | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allow remote attackers to create arbitrary (1) files and (2) directories via a .. (dot dot) in an account name, when requesting the / URI; and (3) append arbitrary data to a file via a .. (dot dot) in an account name, when requesting a URI composed of a "/?%0a" sequence followed by the data. | ||||
| CVE-2009-1523 | 1 Mortbay | 1 Jetty | 2025-04-09 | N/A |
| Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI. | ||||
| CVE-2007-5005 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Protection Suites | 2025-04-09 | N/A |
| Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command. | ||||
| CVE-2008-4668 | 1 Joomla | 2 Com Imagebrowser, Joomla | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php. | ||||
| CVE-2009-2100 | 2 Joomla, Joomlapraise | 2 Joomla, Com Projectfork | 2025-04-09 | N/A |
| Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. | ||||
| CVE-2007-3936 | 1 A-shop | 1 A-shop | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter. | ||||
| CVE-2007-6620 | 1 Joovili | 1 Joovili | 2025-04-09 | N/A |
| Directory traversal vulnerability in include/images.inc.php in Joovili 2.x allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | ||||
| CVE-2008-2511 | 1 Ca | 1 Internet Security Suite Plus 2008 | 2025-04-09 | N/A |
| Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the argument to the SaveToFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1281 | 1 Argontechnology | 1 Client Management Services | 2025-04-09 | N/A |
| Directory traversal vulnerability in TFTPsrvs.exe 2.5.3.1 and earlier, as used in Argon Technology Client Management Services (CMS) 1.31 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2008-1409 | 1 Exero | 1 Exero Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in the Default theme in Exero CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme parameter to (1) index.php, (2) editpassword.php, and (3) avatar.php in usercp/; (4) custompage.php; (5) errors/404.php; (6) memberslist.php and (7) profile.php in members/; (8) index.php and (9) fullview.php in news/; and (10) nopermission.php. | ||||
| CVE-2008-1410 | 1 Acronis | 1 Snap Deploy | 2025-04-09 | N/A |
| Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service. | ||||
| CVE-2008-4471 | 1 Autodesk | 3 Design Review, Dwf Viewer, Revit Architecture | 2025-04-09 | N/A |
| Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method. | ||||
| CVE-2007-6672 | 1 Mortbay Jetty | 1 Jetty | 2025-04-09 | N/A |
| Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI. | ||||
| CVE-2008-3163 | 1 Regretless | 1 Dodos Mail | 2025-04-09 | N/A |
| Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3165 | 1 Fuzzylime | 1 Fuzzylime Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805. | ||||
| CVE-2009-4421 | 1 Alexander Palmo | 1 Simple Php Blog | 2025-04-09 | N/A |
| Directory traversal vulnerability in languages_cgi.php in Simple PHP Blog 0.5.1 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the blog_language1 parameter. | ||||
| CVE-2007-4726 | 1 Weboddity | 1 Weboddity | 2025-04-09 | N/A |
| Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||