Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1635 | 1 Raven Php Scripts | 1 Keep It Simple Guest Book | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected. | |||||
| CVE-2008-2015 | 1 Watchfire | 1 Appscan | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple absolute path traversal vulnerabilities in certain ActiveX controls in WatchFire AppScan 7.0 allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) CompactSave and (2) SaveSession method in one control, and the (3) saveRecordedExploreToFile method in a different control. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2007-6620 | 1 Joovili | 1 Joovili | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in include/images.inc.php in Joovili 2.x allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | |||||
| CVE-2007-6582 | 1 C97net | 1 Mblog | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter in a page mode action. | |||||
| CVE-2008-1755 | 1 Zekewalker | 1 World Of Phaos | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter. | |||||
| CVE-2007-6648 | 1 Sanybee Gallery | 1 Sanybee Gallery | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | |||||
| CVE-2008-1849 | 3 Joomla, Joomlacode, Mambo | 3 Joomla, Joomlaexplorer, Mambo | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action. | |||||
| CVE-2008-1125 | 1 Podcast Generator | 1 Podcast Generator | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) theme_path parameter to core/themes.php and the (2) filename parameter to download.php. | |||||
| CVE-2008-1908 | 1 Cpcommerce | 1 Cpcommerce | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the language parameter in a language action to the default URI, which is not properly handled in actions/language.act.php, or (2) the action parameter to category.php. | |||||
| CVE-2008-0393 | 1 Gradman | 1 Gradman | 2017-09-29 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter, a different vector than CVE-2008-0361. | |||||
| CVE-2008-0310 | 1 Sco | 1 Unixware | 2017-09-29 | 6.9 MEDIUM | N/A |
| Directory traversal vulnerability in pkgadd in SCO UnixWare 7.1.4 before p534589 allows local users to create or append to arbitrary files via ".." sequences in an unspecified environment variable, probably PKGINST. | |||||
| CVE-2008-1861 | 1 Exbb | 1 Exbb Italia | 2017-09-29 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the exbb[default_lang] parameter. | |||||
| CVE-2008-1645 | 1 Guillaume Meister | 1 Php Spammanager | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in body.php in phpSpamManager (phpSM) 0.53 beta allows remote attackers to read arbitrary local files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2008-1409 | 1 Exero | 1 Exero Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in the Default theme in Exero CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme parameter to (1) index.php, (2) editpassword.php, and (3) avatar.php in usercp/; (4) custompage.php; (5) errors/404.php; (6) memberslist.php and (7) profile.php in members/; (8) index.php and (9) fullview.php in news/; and (10) nopermission.php. | |||||
| CVE-2008-1553 | 1 Topper | 1 Toppermod | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in mod.php in TopperMod 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the to parameter. | |||||
| CVE-2008-1799 | 1 Sabros.us | 1 Sabros.us | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | |||||
| CVE-2007-6624 | 1 Pnphpbb | 1 Pnphpbb | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in printview.php in PNphpBB2 1.2i and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter. | |||||
| CVE-2008-0338 | 1 Miniweb Http Server | 1 Miniweb Http Server | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI. | |||||
| CVE-2008-0465 | 1 Seagullproject.org | 1 Seagull | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter. | |||||
| CVE-2008-1042 | 1 Linux Web Shop | 1 Php Download Manager | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in include/body.inc.php in Linux Web Shop (LWS) php Download Manager 1.0 and 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter. | |||||