Total
7860 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0288 | 1 Windows Tftp Utility | 1 Tftputil | 2025-04-09 | N/A |
| Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to read arbitrary files outside the TFTP root directory via directory traversal sequences in a GET request. | ||||
| CVE-2009-0244 | 1 Microsoft | 1 Windows Mobile | 2025-04-09 | 8.8 High |
| Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2008-7240 | 1 Linuxwebshop | 1 Php User Base | 2025-04-09 | N/A |
| Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter. | ||||
| CVE-2008-7178 | 1 Xoops | 2 Uploader, Xoops | 2025-04-09 | N/A |
| Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php. | ||||
| CVE-2008-7176 | 1 Celina Jorge | 1 Facil Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php. | ||||
| CVE-2008-2495 | 1 Pancake | 1 Zina | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to have an unknown impact via a .. (dot dot) in the p parameter. | ||||
| CVE-2008-5883 | 1 Mini-pub | 1 Mini-pub | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter. | ||||
| CVE-2008-5894 | 1 Mediatheka | 1 Mediatheka | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2008-7142 | 1 Cpanel | 1 Cpanel | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in the Disk Usage module (frontend/x/diskusage/index.html) in cPanel 11.18.3 allows remote attackers to list arbitrary directories via the showtree parameter. | ||||
| CVE-2008-6901 | 1 2532gigs | 1 2532gigs | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) settings.php, (2) deleteuser.php, (3) mini_calendar.php, (4) manage_venues.php, and (5) manage_gigs.php, a different vector than CVE-2007-4585. | ||||
| CVE-2007-1143 | 1 Jeunes-webmasters | 1 J-web Pics Navigator | 2025-04-09 | N/A |
| Directory traversal vulnerability in pn-menu.php in J-Web Pics Navigator 1.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter. | ||||
| CVE-2008-1325 | 1 Leinir Turthra | 1 Uberghey Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Uberghey CMS 0.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page_id and (2) language parameters. NOTE: this might be the same issue as CVE-2008-1324. | ||||
| CVE-2008-5919 | 1 Tigris | 1 Websvn | 2025-04-09 | N/A |
| Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter. | ||||
| CVE-2008-6877 | 1 Zen Cart | 1 Zen Cart | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this issue, stating "at worst, the use of this vulnerability will reveal some local file paths. | ||||
| CVE-2007-5364 | 1 Viart | 1 Shopping Cart | 2025-04-09 | N/A |
| Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for payments/ideal_process.php | ||||
| CVE-2008-6842 | 1 Pluck-cms | 1 Pluck | 2025-04-09 | N/A |
| Directory traversal vulnerability in data/modules/blog/module_pages_site.php in Pluck 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the post parameter. | ||||
| CVE-2008-2439 | 1 Trend Micro | 2 Officescan, Worry Free Business Security | 2025-04-09 | N/A |
| Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Worry-Free Business Security 5.0 before build 1220 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP request. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2342 | 1 News Manager | 1 News Manager | 2025-04-09 | N/A |
| Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | ||||
| CVE-2008-6825 | 1 Trixbox | 1 Trixbox | 2025-04-09 | N/A |
| Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the langChoice parameter. | ||||
| CVE-2008-5948 | 1 Bncwi | 1 Bncwi | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in BNCwi 1.04 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter. | ||||