Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4902 | 1 Ultra Shareware | 1 Ultra Crypto Component | 2017-09-29 | 6.4 MEDIUM | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allows remote attackers to write to arbitrary files via a full pathname in the argument to the SaveToFile method. | |||||
| CVE-2007-6187 | 1 Noah | 1 Noah | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in PHP Content Architect (aka NoAh) 0.9 pre 1.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filepath parameter to (1) css_file.php, (2) js_file.php, or (3) xml_file.php in noah/modules/nosystem/templates/. | |||||
| CVE-2007-5103 | 1 Wordsmith | 1 Wordsmith | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _path parameter. | |||||
| CVE-2007-4058 | 1 Emc | 1 Vmware | 2017-09-29 | 4.3 MEDIUM | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method. | |||||
| CVE-2007-5489 | 1 Artmedic Webdesign | 1 Artmedic Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2007-4008 | 1 Entertainment Cms | 1 Entertainment Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in custom.php in Entertainment Media Sharing CMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter. | |||||
| CVE-2007-5674 | 1 Instaguide | 1 Weather | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in InstaGuide Weather (aka Weather for PHP) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PageName parameter. | |||||
| CVE-2007-5782 | 1 Fireconfig | 1 Fireconfig | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in dl.php in FireConfig 0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2007-5731 | 1 Apache | 1 Jakarta Slide | 2017-09-29 | 3.5 LOW | N/A |
| Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461. | |||||
| CVE-2007-6369 | 1 Wordpress | 1 Pictpress | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in resize.php in the PictPress 0.91 and earlier plugin for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) size or (2) path parameter. | |||||
| CVE-2007-6290 | 1 Iptel | 1 Serweb | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters. | |||||
| CVE-2007-4890 | 1 Microsoft | 1 Visual Studio | 2017-09-29 | 5.8 MEDIUM | N/A |
| Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method. | |||||
| CVE-2007-6079 | 1 Bcoos | 1 Bcoos | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in include/common.php in bcoos 1.0.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsOption[pagetype] parameter to the default URI for modules/news/. NOTE: this can be leveraged by using legitimate product functionality to upload a file that contains the code, then including that file. | |||||
| CVE-2007-3936 | 1 A-shop | 1 A-shop | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter. | |||||
| CVE-2007-4031 | 1 Nessus | 1 Vulnerability Scanner | 2017-09-29 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via a .. (dot dot) in the argument to the deleteReport method, probably related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll. | |||||
| CVE-2007-5812 | 1 Modulebuilder | 1 Modulebuilder | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in modules/Builder/DownloadModule.php in ModuleBuilder 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2007-4908 | 1 Auracms | 1 Auracms | 2017-09-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in AuraCMS 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pilih parameter. | |||||
| CVE-2007-5299 | 1 Skadate | 1 Skadate Online Dating Software | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a .. (dot dot) in the view_mode parameter to (1) featured_list.php and (2) online_list.php in member/. | |||||
| CVE-2007-4820 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2017-09-29 | 7.5 HIGH | N/A |
| Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter. | |||||
| CVE-2007-5055 | 1 Izicontents | 1 Izicontents | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the admin_home parameter to modules/poll/poll_summary.php or (2) the rootdp parameter to include/db.php. | |||||