Total
8104 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3216 | 1 Wiccle | 1 Iwiccle | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in iWiccle 1.01, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the show parameter to the admin module, reachable through index.php; or (2) the module parameter to index.php. | |||||
| CVE-2009-4088 | 1 Telepark | 1 Telepark.wiki | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the (3) group parameter to upload.php. | |||||
| CVE-2009-2224 | 1 An Guestbook | 1 An Guestbook | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the g_lang parameter. | |||||
| CVE-2008-4397 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. | |||||
| CVE-2007-6528 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter. | |||||
| CVE-2008-2795 | 1 Idm Computer Solutions Inc | 1 Ultraedit | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdit 14.00b allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) or a ..\ (dot dot backslash) in a response to a LIST command. | |||||
| CVE-2008-2974 | 1 Mm Chat | 1 Mm Chat | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter. | |||||
| CVE-2007-5956 | 1 Ibm | 1 Informix Dynamic Server | 2025-04-09 | 7.2 HIGH | N/A |
| Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable. | |||||
| CVE-2008-1755 | 1 Zekewalker | 1 World Of Phaos | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter. | |||||
| CVE-2009-2015 | 2 Ideal, Joomla | 2 Com Moofaq, Joomla | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2008-6183 | 1 Myphpindexer | 1 My Php Indexer | 2025-04-09 | 7.8 HIGH | N/A |
| Multiple directory traversal vulnerabilities in index.php in My PHP Indexer 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) d and (2) f parameters. | |||||
| CVE-2007-5927 | 1 Openbase International Ltd | 1 Openbase | 2025-04-09 | 9.0 HIGH | 8.1 HIGH |
| Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. (dot dot) in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926. | |||||
| CVE-2008-2495 | 1 Pancake | 1 Zina | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to have an unknown impact via a .. (dot dot) in the p parameter. | |||||
| CVE-2009-0271 | 1 Fujitsu | 1 Systemcastwizard Lite | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | |||||
| CVE-2007-1860 | 1 Apache | 1 Tomcat Jk Web Server Connector | 2025-04-09 | 5.0 MEDIUM | N/A |
| mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. (dot dot) sequences and directory traversal, a related issue to CVE-2007-0450. | |||||
| CVE-2008-0452 | 1 Siteman | 1 Siteman | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in articles.php in Siteman 1.1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the cat parameter in a viewart action. | |||||
| CVE-2009-4415 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to addressbook/csv_import.php, or (2) include and execute arbitrary local files via the conv_type parameter in addressbook/inc/class.uiXport.inc.php. | |||||
| CVE-2008-1119 | 1 Centreon | 1 Centreon | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | |||||
| CVE-2009-4426 | 1 Launchpad | 1 Ignition | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php. | |||||
| CVE-2009-2037 | 1 Onlinegrades | 1 Online Grades | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) GLOBALS[SKIN] parameter to index.php and the (2) skin parameter to admin/admin.php. | |||||