Total
8016 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0068 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | N/A |
| Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. | ||||
| CVE-2008-0140 | 1 Uebimiau | 1 Webmail | 2025-04-09 | N/A |
| Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172. | ||||
| CVE-2008-0184 | 1 Prenotazioni On Line | 1 Syshotel On Line System | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter. | ||||
| CVE-2008-0259 | 1 Minimal Design | 1 Minimal Gallery | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in _mg/php/mg_thumbs.php in minimal Gallery 0.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) thumbcat and (2) thumb parameters. | ||||
| CVE-2008-0361 | 1 Instituto Politicnico Nacional | 1 Gradman | 2025-04-09 | N/A |
| Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter. | ||||
| CVE-2008-0396 | 1 Bitdefender | 1 Update Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request. | ||||
| CVE-2008-0427 | 1 Bloo | 1 Bloofoxcms | 2025-04-09 | N/A |
| Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2007-4825 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function. | ||||
| CVE-2008-0196 | 1 Wordpress | 1 Wordpress | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in WordPress 2.0.11 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the page parameter to certain PHP scripts under wp-admin/ or (2) the import parameter to wp-admin/admin.php, as demonstrated by discovering the full path via a request for the \..\..\wp-config pathname; and allow remote attackers to modify arbitrary files via a .. (dot dot) in the file parameter to wp-admin/templates.php. | ||||
| CVE-2008-5787 | 2 Arabportal, Microsoft | 2 Arab Portal, Windows | 2025-04-09 | N/A |
| Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, in conjunction with a show action. | ||||
| CVE-2008-6265 | 1 Cyberfolio | 1 Cyberfolio | 2025-04-09 | N/A |
| Directory traversal vulnerability in portfolio/css.php in Cyberfolio 7.12.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter. | ||||
| CVE-2008-6271 | 1 Tbmnet | 1 Tbmnetcms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the content parameter. | ||||
| CVE-2008-6551 | 1 E-vision | 1 E-vision Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) an adminlang cookie to admin/ind_ex.php; or the module parameter to (2) 3rdparty/adminpart/add3rdparty.php, (3) polling/adminpart/addpolling.php, (4) contact/adminpart/addcontact.php, (5) brandnews/adminpart/addbrandnews.php, (6) newsletter/adminpart/addnewsletter.php, (7) game/adminpart/addgame.php, (8) tour/adminpart/addtour.php, (9) articles/adminpart/addarticles.php, (10) product/adminpart/addproduct.php, or (11) plain/adminpart/addplain.php in modules/. | ||||
| CVE-2008-6659 | 1 Simple Machines | 1 Simple Machines Forum | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote authenticated users to configure arbitrary local files for execution via directory traversal sequences in the value of the theme_dir field during a jsoption action, related to Sources/QueryString.php and Sources/Themes.php, as demonstrated by a local .gif file in attachments/ with PHP code that was uploaded through a profile2 action to index.php. | ||||
| CVE-2008-0357 | 1 Galaxyscripts | 1 Mini File Host | 2025-04-09 | N/A |
| Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | ||||
| CVE-2008-0435 | 1 Ozjournals | 1 Ozjournals | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in OZJournals 2.1.1 allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the id parameter in a printpreview action. | ||||
| CVE-2008-0459 | 1 Liquidsilvercms | 1 Liquidsilvercms | 2025-04-09 | N/A |
| Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the update parameter. | ||||
| CVE-2008-0464 | 1 Absofort | 1 Aconon Mail Enterprise Sql | 2025-04-09 | N/A |
| Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2007-6079 | 1 Bcoos | 1 Bcoos | 2025-04-09 | N/A |
| Directory traversal vulnerability in include/common.php in bcoos 1.0.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsOption[pagetype] parameter to the default URI for modules/news/. NOTE: this can be leveraged by using legitimate product functionality to upload a file that contains the code, then including that file. | ||||
| CVE-2007-0700 | 1 Portail Web Php | 1 Portail Web Php | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this issue was later reported for 2.5.1.1. | ||||