Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1979 | 2 Affiliatefeeds, Joomla | 2 Com Datafeeds, Joomla\! | 2017-08-17 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-1077 | 2 Vbseo, Vbulletin | 2 Vbseo, Vbulletin | 2017-08-17 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter. | |||||
| CVE-2010-1952 | 2 Cmstactics, Joomla | 3 Com Beeheard, Com Beeheardlite, Joomla\! | 2017-08-17 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-2129 | 2 Harmistechnology, Joomla | 2 Com Jeajaxeventcalendar, Joomla\! | 2017-08-17 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0967 | 1 Geekhelps | 1 Admp | 2017-08-17 | 5.1 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-green/footer.php, (3) default-orange/footer.php, and (4) default/footer.php in themes/. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1537 | 1 Francois Bissonnette | 1 Phpcdb | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_global parameter to (1) firstvisit.php, (2) newfolder.php, (3) showfolders.php, (4) newlang.php, (5) showinnerfolder.php, (6) writecode.php, and (7) showcode.php. | |||||
| CVE-2009-4426 | 1 Launchpad | 1 Ignition | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php. | |||||
| CVE-2010-0396 | 1 Debian | 1 Dpkg | 2017-08-17 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive. | |||||
| CVE-2009-4946 | 2 Joomla, Thetricky | 2 Joomla\!, Com Messaging | 2017-08-17 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter in a messages action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4315 | 1 Nuggetz | 1 Nuggetz Cms | 2017-08-17 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php file to execute arbitrary PHP code. | |||||
| CVE-2009-3211 | 1 Dimofinf | 1 Infinity Script | 2017-08-17 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI. | |||||
| CVE-2009-4816 | 1 Andy Stedemos | 1 The Uploader | 2017-08-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in api/download_checker.php in MegaLab The Uploader 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2009-4435 | 1 Compmaster.prv.pl | 1 F3site | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php. | |||||
| CVE-2009-3123 | 1 Visavi | 1 Wap-motor | 2017-08-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in gallery/gallery.php in Wap-Motor before 18.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the image parameter. | |||||
| CVE-2010-0284 | 2 Microsoft, Novell | 2 Windows, Access Manager | 2017-08-17 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678. | |||||
| CVE-2009-4415 | 1 Phpgroupware | 1 Phpgroupware | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to addressbook/csv_import.php, or (2) include and execute arbitrary local files via the conv_type parameter in addressbook/inc/class.uiXport.inc.php. | |||||
| CVE-2009-3542 | 1 Kneuro | 1 Littlesite.php | 2017-08-17 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in ls.php in LittleSite (aka LS or LittleSite.php) 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to index.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
| CVE-2009-3694 | 1 Jdtmmsm | 1 Ezrecipe-zee | 2017-08-17 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter. | |||||
| CVE-2009-4216 | 1 Klinza | 1 Klinza Professional Cms | 2017-08-17 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter. | |||||
| CVE-2009-4512 | 1 Indymedia | 1 Oscailt | 2017-08-17 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Oscailt 3.3, when Use Friendly URL's is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the obj_id parameter. | |||||