Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3583 | 1 Sql-ledger | 1 Sql-ledger | 2018-10-10 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the countrycode field. | |||||
| CVE-2009-3451 | 1 Radactive | 1 I-load | 2018-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2009-2968 | 1 Vmware | 1 Studio | 2018-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in a support component in the web interface in VMware Studio 2.0 public beta before build 1017-185256 allows remote attackers to upload files to arbitrary locations via unspecified vectors. | |||||
| CVE-2009-2931 | 1 Slideshowpro | 1 Director | 2018-10-10 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter. | |||||
| CVE-2009-2557 | 1 Adminnewstools | 1 Admin News Tools | 2018-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter. | |||||
| CVE-2009-2166 | 2 Ocsinventory-ng, Unix | 2 Ocs Inventory Ng, Unix | 2018-10-10 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter. | |||||
| CVE-2009-2258 | 1 Netgear | 2 Dg632, Dg632 Firmware | 2018-10-10 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in cgi-bin/webcm in the administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to list arbitrary directories via a .. (dot dot) in the nextpage parameter. | |||||
| CVE-2009-2161 | 1 Torrenttrader | 1 Torrenttrader Classic | 2018-10-10 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter, in conjunction with a modified component name. | |||||
| CVE-2009-1911 | 2 Claudio Klingler, Tinywebgallery | 2 Quixplorer, Tinywebgallery | 2018-10-10 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in .include/init.php (aka admin/_include/init.php) in QuiXplorer 2.3.2 and earlier, as used in TinyWebGallery (TWG) 1.7.6 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to admin/index.php. | |||||
| CVE-2009-2116 | 1 Skybluecanvas | 1 Skybluecanvas | 2018-10-10 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to list directory contents via a .. (dot dot) in the dir parameter. | |||||
| CVE-2009-1760 | 1 Rasterbar Software | 1 Libtorrent | 2018-10-10 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file. | |||||
| CVE-2009-1873 | 1 Adobe | 1 Jrun | 2018-10-10 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter. | |||||
| CVE-2009-1743 | 1 Pinnaclesys | 2 Pinnacle Hollywood Effects, Pinnacle Studio | 2018-10-10 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to create and overwrite arbitrary files via a filename containing a ..\ (dot dot backslash) sequence in a Hollywood FX Compressed Archive (.hfz) file. NOTE: this can be leveraged for code execution by decompressing a file to a Startup folder. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1621 | 1 Opencart | 1 Opencart | 2018-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in OpenCart 1.1.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the route parameter. | |||||
| CVE-2009-1479 | 1 Boxalino | 1 Boxalino | 2018-10-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in client/desktop/default.htm in Boxalino before 09.05.25-0421 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | |||||
| CVE-2009-1456 | 1 Stephane Rajalu | 1 Malleo | 2018-10-10 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in admin.php in Malleo 1.2.3 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | |||||
| CVE-2009-1354 | 1 Sergey Lyubka | 1 Mongoose | 2018-10-10 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2009-1222 | 1 Webedition | 1 Webedition | 2018-10-10 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter. | |||||
| CVE-2009-1090 | 1 Rapidleech | 1 Rapidleech | 2018-10-10 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uploaded parameter. | |||||
| CVE-2009-1089 | 1 Rapidleech | 1 Rapidleech | 2018-10-10 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to read arbitrary files via a base64-encoded absolute path in the filename parameter. | |||||