Total
7648 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1849 | 3 Joomla, Joomlacode, Mambo | 3 Joomla, Joomlaexplorer, Mambo | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action. | ||||
| CVE-2008-4181 | 1 Netenberg | 1 Fantastico De Luxe | 2025-04-09 | N/A |
| Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) or absolute pathname in the fantasticopath parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
| CVE-2008-2795 | 1 Idm Computer Solutions Inc | 1 Ultraedit | 2025-04-09 | N/A |
| Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdit 14.00b allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) or a ..\ (dot dot backslash) in a response to a LIST command. | ||||
| CVE-2009-1031 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request. | ||||
| CVE-2008-0140 | 1 Uebimiau | 1 Webmail | 2025-04-09 | N/A |
| Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172. | ||||
| CVE-2008-1857 | 1 Mole | 1 Make Our Life Easy | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy (Mole) 2.1.0 allow remote attackers to read arbitrary files via directory traversal sequences in the (1) dirn and (2) fname parameters. | ||||
| CVE-2008-4781 | 1 Easy-script | 1 Myktools | 2025-04-09 | N/A |
| Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langage parameter. | ||||
| CVE-2008-0158 | 1 Shop-script | 1 Shop-script | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. | ||||
| CVE-2008-4780 | 1 Easy-script | 1 Myforum | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/centre.php in MyForum 1.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the padmin parameter. | ||||
| CVE-2009-3507 | 1 Jean-michel Wyttenbach | 1 Cmsphp | 2025-04-09 | N/A |
| Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter. | ||||
| CVE-2009-2444 | 1 Adbnewssender | 1 Adbnewssender | 2025-04-09 | N/A |
| Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php. | ||||
| CVE-2007-4718 | 1 Claroline | 1 Claroline | 2025-04-09 | N/A |
| Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2008-2820 | 1 Azimyt | 1 Open Azimyt Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in lang/lang-system.php in Open Azimyt CMS 0.22 minimal and 0.21 stable allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2009-1354 | 1 Sergey Lyubka | 1 Mongoose | 2025-04-09 | N/A |
| Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2008-1885 | 1 Cdnetworks | 1 Download Client | 2025-04-09 | N/A |
| Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download allows remote attackers to download arbitrary code onto a client system via a .. (dot dot) in the SkinPath parameter and a .zip URL in the HttpSkin parameter. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2008-2876 | 1 Munky | 1 Munky | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in mUnky 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the zone parameter. | ||||
| CVE-2008-2887 | 1 Chaozzatwork | 1 Fubarforum | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-0221 | 1 Gateway | 1 Weblaunch | 2025-04-09 | N/A |
| Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allows remote attackers to execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3787 | 1 Vivvo | 1 Vivvo | 2025-04-09 | N/A |
| files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with "logs/" in between two . (dot) characters, which is filtered into a "../" sequence. | ||||
| CVE-2008-0612 | 1 Xoops | 1 Xoops | 2025-04-09 | N/A |
| Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||