Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2045 | 1 Sugarcrm | 1 Sugarcrm | 2018-10-11 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory. | |||||
| CVE-2008-1702 | 1 E107 | 2 E107, My Gallery | 2018-10-11 | 4.3 MEDIUM | N/A |
| Absolute path traversal vulnerability in dload.php in the my_gallery 2.3 plugin for e107 allows remote attackers to obtain sensitive information via a full pathname in the file parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1620 | 1 2x | 1 Thinclientserver | 2018-10-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in 2X TFTP service (TFTPd.exe) 3.2.0.0 and earlier in 2X ThinClientServer 5.0_sp1-r3497 and earlier allows remote attackers to read or overwrite arbitrary files via a ... (dot dot dot) in the filename. | |||||
| CVE-2008-1493 | 1 Cuteflow-bin | 1 Cuteflow Bin | 2018-10-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||||
| CVE-2008-1541 | 1 His | 1 Webshop | 2018-10-11 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in cgi-bin/his-webshop.pl in HIS Webshop 2.50 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter. | |||||
| CVE-2008-1555 | 1 Bolinos | 1 Bolinos | 2018-10-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter. | |||||
| CVE-2008-1565 | 2 Hotscripts, Phpbb | 2 Pjirc, Pjirc Module | 2018-10-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in forum/irc/irc.php in the PJIRC 0.5 module for phpBB allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter. | |||||
| CVE-2008-1534 | 1 Powerscripts | 1 Powerphpboard | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in PowerPHPBoard 1.00b allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) settings[footer] parameter to footer.inc.php and the (2) settings[header] parameter to header.inc.php. | |||||
| CVE-2008-1651 | 1 Myiosoft | 1 Easynews | 2018-10-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2008-1537 | 1 Powerscripts | 1 Powerbook | 2018-10-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in pb_inc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
| CVE-2008-1415 | 1 Riceball | 1 Multiple Time Sheets | 2018-10-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to read arbitrary files via "../..//" (modified dot dot) sequences in the tab parameter. | |||||
| CVE-2008-1410 | 1 Acronis | 1 Snap Deploy | 2018-10-11 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to read arbitrary files via directory traversal sequences to the TFTP service. | |||||
| CVE-2008-1400 | 1 Mg-soft | 1 Net Inspector | 2018-10-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Net Inspector HTTP Server (mghttpd) in MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot slash) in the URI. | |||||
| CVE-2008-1301 | 1 Alkacon | 1 Opencms | 2018-10-11 | 4.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote authenticated administrators to read arbitrary files via a full pathname in the filePath.0 parameter. | |||||
| CVE-2008-1284 | 1 Horde | 3 Groupware, Groupware Webmail Edition, Horde | 2018-10-11 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte in the theme name. | |||||
| CVE-2008-1324 | 1 Leinir | 1 Travelsized Cms | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in index.php in Travelsized CMS 0.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page_id and (2) language parameters. NOTE: this might be the same issue as CVE-2008-1325. | |||||
| CVE-2008-1281 | 1 Argontechnology | 1 Client Management Services | 2018-10-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in TFTPsrvs.exe 2.5.3.1 and earlier, as used in Argon Technology Client Management Services (CMS) 1.31 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2008-1352 | 1 Hangzhou Network Technology Development | 1 Ediorcms | 2018-10-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in search.php in EdiorCMS (ecms) 3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the _SearchTemplate parameter during a Title search. | |||||
| CVE-2008-1325 | 1 Leinir Turthra | 1 Uberghey Cms | 2018-10-11 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in index.php in Uberghey CMS 0.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page_id and (2) language parameters. NOTE: this might be the same issue as CVE-2008-1324. | |||||
| CVE-2008-1221 | 1 Microworld Technologies | 3 Escan, Escan Management Console, Escan Server | 2018-10-11 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in the FTP server in MicroWorld eScan Corporate Edition 9.0.742.98 and eScan Management Console (aka eScan Server) 9.0.742.1 allows remote attackers to read arbitrary files via an absolute pathname in the RETR (get) command. | |||||