Total
8015 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0592 | 1 Pnphpbb | 1 Pnphpbb2 | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4) admin_ranks.php, (5) admin_styles.php, and (6) admin_users.php in admin/. | ||||
| CVE-2009-0596 | 1 Phpskelsite | 1 Phpskelsite | 2025-04-09 | N/A |
| Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter. | ||||
| CVE-2009-4050 | 1 Phpmybackuppro | 1 Phpmybackuppro | 2025-04-09 | N/A |
| Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1246 | 1 Blogplus | 1 Blogplus | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php; (2) row_mysql_blocks_center_top[file] includes/parameter to block_center_top.php; (3) row_mysql_blocks_left[file] parameter to includes/block_left.php; (4) row_mysql_blocks_right[file] parameter to includes/block_right.php; and row_mysql_bloginfo[theme] parameter to (5) includes/window_down.php and (6) includes/window_top.php. | ||||
| CVE-2006-5846 | 1 Freewebshop | 1 Freewebshop | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773. | ||||
| CVE-2006-5981 | 1 Biba Software | 1 Seleniumserver Ftp Server | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in SeleniumServer FTP Server 1.0, and possibly earlier, allow remote attackers to list arbitrary directories, read arbitrary files, and upload arbitrary files via directory traversal sequences in the (1) DIR (LIST or NLST), (2) GET (RETR), and (3) PUT (STOR) commands. | ||||
| CVE-2006-6047 | 1 Etomite | 1 Etomite | 2025-04-09 | N/A |
| Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php. | ||||
| CVE-2009-1445 | 1 Ivano Culmine | 1 Webportal Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta allow remote attackers to (1) read arbitrary files via directory traversal sequences in the lang parameter to libraries/helpdocs/help.php and (2) include and execute arbitrary local files via directory traversal sequences in the error parameter to index.php. | ||||
| CVE-2009-1456 | 1 Stephane Rajalu | 1 Malleo | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin.php in Malleo 1.2.3 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | ||||
| CVE-2009-1488 | 1 Rens Rikkerink | 1 Fungamez | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/load.php in FunGamez RC1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to index.php. | ||||
| CVE-2009-1496 | 2 Ijobid, Joomla | 2 Com Cmimarketplace, Joomla | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php. | ||||
| CVE-2009-1559 | 1 Cisco | 1 Wvc54gca | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a .. (dot dot) is probably also possible. | ||||
| CVE-2009-1743 | 1 Pinnaclesys | 2 Pinnacle Hollywood Effects, Pinnacle Studio | 2025-04-09 | N/A |
| Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to create and overwrite arbitrary files via a filename containing a ..\ (dot dot backslash) sequence in a Hollywood FX Compressed Archive (.hfz) file. NOTE: this can be leveraged for code execution by decompressing a file to a Startup folder. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1744 | 1 Pinnaclesys | 1 Pinnacle Studio | 2025-04-09 | N/A |
| InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to cause a denial of service (application crash) via a crafted Hollywood FX Compressed Archive (.hfz) file. | ||||
| CVE-2009-1748 | 1 Joost Horward | 1 Catviz | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Catviz 0.4.0 Beta 1 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) webpages_form or (2) userman_form parameter. | ||||
| CVE-2009-1765 | 1 Pluck-cms | 1 Pluck | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langpref parameter to (1) data/modules/contactform/module_info.php, (2) data/modules/blog/module_info.php, and (3) data/modules/albums/module_info.php, different vectors than CVE-2008-3194. | ||||
| CVE-2007-0898 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | N/A |
| Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message. | ||||
| CVE-2007-1031 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3.4 allows remote attackers to include and execute arbitrary local files via the root parameter. | ||||
| CVE-2007-1126 | 1 Xt-commerce | 1 Xt-commerce | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in xtcommerce allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2007-1138 | 1 Cromosoft | 1 Simple Plantilla Php | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter. | ||||