Total
8108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1519 | 1 Pecio-cms | 1 Pecio Cms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Pecio CMS 1.1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter. | |||||
| CVE-2009-2313 | 1 Jinzora | 1 Jinzora | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter. | |||||
| CVE-2007-6331 | 1 Hp | 2 Info Center, Quick Launch Button | 2025-04-09 | 9.3 HIGH | N/A |
| Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista. | |||||
| CVE-2008-6335 | 1 Emetrix | 1 Online Keyword Research Tool | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in download.php in eMetrix Online Keyword Research Tool allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2009-3824 | 1 Michael J Greenwood | 1 Php Content Manager | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter. | |||||
| CVE-2008-1730 | 1 Arwscripts | 1 Gallery Script Lite | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path parameter. | |||||
| CVE-2008-6630 | 1 Typo3 | 2 Typo3, Wt Gallery | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors. | |||||
| CVE-2009-0457 | 1 Magtrb | 1 Aja Portal | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module. | |||||
| CVE-2008-2519 | 1 Core Ftp | 1 Core Ftp | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2007-5915 | 1 Phphelpdesk | 1 Phphelpdesk | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the whattodo parameter. | |||||
| CVE-2007-4220 | 1 Motorola | 1 Timbuktu | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services. | |||||
| CVE-2008-4632 | 1 Kure | 1 Kure | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magic_quotes_gpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. (dot dot) in the (1) post and (2) doc parameters. | |||||
| CVE-2008-4419 | 1 Hp | 13 9200c Digital Sender, Color Laserjet 4370mfp, Color Laserjet 9500mfp and 10 more | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color LaserJet 4730mfp before firmware 46.200.9; LaserJet 2410, LaserJet 2420, and LaserJet 2430 before firmware 20080819 SPCL112A; LaserJet 4250 and LaserJet 4350 before firmware 20080819 SPCL015A; and LaserJet 9040 and LaserJet 9050 before firmware 20080819 SPCL110A allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | |||||
| CVE-2008-0418 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js. | |||||
| CVE-2008-2966 | 1 Jaxultrabb | 1 Jaxultrabb | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. party information. | |||||
| CVE-2008-2913 | 1 Devalcms | 1 Devalcms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php. | |||||
| CVE-2007-5650 | 1 Reloadcms | 1 Reloadcms | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to index.php. | |||||
| CVE-2008-4471 | 1 Autodesk | 3 Design Review, Dwf Viewer, Revit Architecture | 2025-04-09 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method. | |||||
| CVE-2007-4829 | 2 Archive\, Canonical | 2 \, Ubuntu Linux | 2025-04-09 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences. | |||||
| CVE-2007-6184 | 1 Project Alumni | 1 Project Alumni | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Project Alumni 1.0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter. | |||||