Total
8013 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0596 | 1 Phpskelsite | 1 Phpskelsite | 2025-04-09 | N/A |
| Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter. | ||||
| CVE-2008-3031 | 1 Simple Php Agenda | 1 Simple Php Agenda | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-1493 | 1 Cuteflow-bin | 1 Cuteflow Bin | 2025-04-09 | N/A |
| Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2008-0231 | 1 Tuned Studios | 7 Classic Theme, Endless, Freeze Theme and 4 more | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page parameter. NOTE: this can be leveraged for remote file inclusion when running in some PHP 5 environments. | ||||
| CVE-2008-3486 | 1 Coppermine-gallery | 1 Coppermine Photo Gallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in the user_get_profile function in include/functions.inc.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier, when the charset is utf-8, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang part of serialized data in an _data cookie. | ||||
| CVE-2007-4825 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function. | ||||
| CVE-2008-5171 | 1 Phpblaster | 1 Phpblaster Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) DB, (2) lang, and (3) skin parameters. | ||||
| CVE-2007-4723 | 2 Apache, Ragnarok Online Control Panel Project | 2 Http Server, Ragnarok Online Control Panel | 2025-04-09 | N/A |
| Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page. | ||||
| CVE-2008-1755 | 1 Zekewalker | 1 World Of Phaos | 2025-04-09 | N/A |
| Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter. | ||||
| CVE-2008-4471 | 1 Autodesk | 3 Design Review, Dwf Viewer, Revit Architecture | 2025-04-09 | N/A |
| Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method. | ||||
| CVE-2008-3163 | 1 Regretless | 1 Dodos Mail | 2025-04-09 | N/A |
| Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3205 | 1 Easy-script | 1 Wysi Wiki Wyg | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. | ||||
| CVE-2009-1407 | 1 Wonko | 1 Notftp | 2025-04-09 | N/A |
| Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a certain languages[][file] parameter. | ||||
| CVE-2008-3192 | 1 Sclek | 1 Jsite | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | ||||
| CVE-2007-4559 | 2 Python, Redhat | 4 Python, Enterprise Linux, Rhel Eus and 1 more | 2025-04-09 | 9.8 Critical |
| Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. | ||||
| CVE-2008-3165 | 1 Fuzzylime | 1 Fuzzylime Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805. | ||||
| CVE-2008-3405 | 1 Nazgulled | 1 Nzfotolog | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Ricardo Amaral nzFotolog 0.4.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action_file parameter. | ||||
| CVE-2009-4421 | 1 Alexander Palmo | 1 Simple Php Blog | 2025-04-09 | N/A |
| Directory traversal vulnerability in languages_cgi.php in Simple PHP Blog 0.5.1 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the blog_language1 parameter. | ||||
| CVE-2008-1799 | 1 Sabros.us | 1 Sabros.us | 2025-04-09 | N/A |
| Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | ||||
| CVE-2007-4842 | 1 Enriva Development | 1 Magellan Explorer | 2025-04-09 | N/A |
| Directory traversal vulnerability in Enriva Development Magellan Explorer 3.32 build 2305 and earlier allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||