Export limit exceeded: 365488 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (9648 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0515 1 Yanocc 1 Yanocc 2026-04-23 N/A
Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2007-4663 1 Php 1 Php 2026-04-23 N/A
Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function.
CVE-2009-1730 1 Netmechanica 1 Netdecision Tftp Server 2026-04-23 N/A
Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command.
CVE-2009-0271 1 Fujitsu 1 Systemcastwizard Lite 2026-04-23 N/A
Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors.
CVE-2008-3128 1 Pivot 1 Pivot 2026-04-23 N/A
Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter.
CVE-2008-6090 1 Scriptsez 1 Mini Hosting Panel 2026-04-23 N/A
Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. (dot dot) in the dir parameter in a view action.
CVE-2008-6407 1 Brian Wilson 1 Ol\'bookmarks 2026-04-23 N/A
Directory traversal vulnerability in frame.php in ol'bookmarks manager 0.7.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the framefile parameter.
CVE-2008-3071 1 Mybb 1 Mybb 2026-04-23 N/A
Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable.
CVE-2008-2976 1 Tinx Cms 1 Tinx Cms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) language parameter to (a) include_me.php, (b) admin/ajax.php, and (c) admin/objects/catalog.ajaxhandler.php; and the (2) prefix parameter to (d) admin/inc/config.php.
CVE-2008-2838 1 Traindepot 1 Traindepot 2026-04-23 N/A
Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter.
CVE-2008-0158 1 Shop-script 1 Shop-script 2026-04-23 N/A
Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter.
CVE-2007-5461 2 Apache, Redhat 8 Tomcat, Certificate System, Enterprise Linux and 5 more 2026-04-23 N/A
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
CVE-2009-2546 1 Anelectron 1 Advanced Electron Forum 2026-04-23 N/A
Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote attackers to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, which leaks the existence of the file in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-6214 1 Learnloop 1 Learnloop 2026-04-23 N/A
Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the database.
CVE-2008-2076 1 Actualscripts 1 Actualanalyzer Lite 2026-04-23 N/A
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter.
CVE-2008-5275 1 Net2ftp 1 Net2ftp 2026-04-23 N/A
Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive. NOTE: this can be leveraged for code execution by creating a .php file.
CVE-2007-6581 1 Social Engine 1 Social Engine 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_blog.php, or (3) header_group.php; or (4) admin_header_album.php, (5) admin_header_blog.php, or (6) admin_header_group.php in admin/.
CVE-2008-3149 1 F5 1 Firepass 1200 2026-04-23 N/A
The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote attackers to cause a denial of service (daemon crash) by walking the hrSWInstalled OID branch in HOST-RESOURCES-MIB.
CVE-2008-1553 1 Topper 1 Toppermod 2026-04-23 N/A
Directory traversal vulnerability in mod.php in TopperMod 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the to parameter.
CVE-2008-2635 1 Barad Dur 1 Bitkinex 2026-04-23 N/A
Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. (dot dot) in (1) a response to a LIST command from the BitKinex FTP client and (2) a response to a PROPFIND command from the BitKinex WebDAV client. NOTE: this can be leveraged for code execution by writing to a Startup folder.