Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0431 | 1 Idmos | 1 Idmos Cms | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in administrator/download.php in IDMOS (aka Phoenix) 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter. | |||||
| CVE-2008-1962 | 1 Chimaera | 1 Aterr | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) class parameter to include/functions.inc.php and the (2) file parameter to include/common.inc.php. | |||||
| CVE-2008-1798 | 1 Dragoon | 1 Dragoon | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in forum/kietu/libs/calendrier.php in Dragoon 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cal[lng] parameter. | |||||
| CVE-2007-6581 | 1 Social Engine | 1 Social Engine | 2017-09-29 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_blog.php, or (3) header_group.php; or (4) admin_header_album.php, (5) admin_header_blog.php, or (6) admin_header_group.php in admin/. | |||||
| CVE-2008-0818 | 1 Freephpgallery | 1 Freephpgallery | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie to (1) comment.php, (2) index.php, and (3) show.php. | |||||
| CVE-2007-4641 | 1 Pakupaku | 1 Pakupaku Cms | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file. | |||||
| CVE-2007-6214 | 1 Learnloop | 1 Learnloop | 2017-09-29 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the database. | |||||
| CVE-2007-6344 | 1 Mcms | 1 Easy Web Make | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter. | |||||
| CVE-2007-4585 | 1 2532gigs | 1 2532gigs | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||||
| CVE-2007-4726 | 1 Weboddity | 1 Weboddity | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2007-6233 | 1 Ftp Admin | 1 Ftp Admin | 2017-09-29 | 4.9 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
| CVE-2007-5219 | 1 Cyberlink | 1 Powerdvd | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL 1.00.1829 in the CLAVSetting module in CyberLink PowerDVD 7.0 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the CreateNewFile method. | |||||
| CVE-2007-4982 | 1 Mw6 Technologies | 1 Qrcode Activex | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6212 | 1 Google | 1 Kml | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the layer parameter. | |||||
| CVE-2007-6322 | 1 Xml2owl | 1 Xml2owl | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2007-5465 | 1 Mydoop | 1 Doop Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter to an unspecified component. | |||||
| CVE-2007-4895 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the f parameter. | |||||
| CVE-2007-5826 | 1 Edraw | 1 Flowchart Activex | 2017-09-29 | 9.3 HIGH | N/A |
| Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420. | |||||
| CVE-2007-6400 | 1 Poldoc | 1 Poldoc Document Management System | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter. | |||||
| CVE-2007-5110 | 1 Eb Design Pty Ltd | 1 Ebcrypt | 2017-09-29 | 7.5 HIGH | N/A |
| Absolute path traversal vulnerability in the EbCrypt.eb_c_PRNGenerator.1 ActiveX control in EBCRYPT.DLL 2.0.0.2087 and earlier in EB Design ebCrypt allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: some of these details are obtained from third party information. | |||||