Total
7862 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6215 | 1 Web-meetme | 1 Web-meetme | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in play.php in Web-MeetMe 3.0.3 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) roomNo and possibly the (2) bookid parameter. | ||||
| CVE-2007-6290 | 1 Iptel | 1 Serweb | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters. | ||||
| CVE-2007-6331 | 1 Hp | 2 Info Center, Quick Launch Button | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista. | ||||
| CVE-2007-6623 | 1 Zeuscms | 1 Zeuscms | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might allow remote attackers to list arbitrary directories via a full pathname in the dir parameter. | ||||
| CVE-2007-6621 | 1 Joovili | 1 Joovili | 2025-04-09 | N/A |
| Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | ||||
| CVE-2008-1857 | 1 Mole | 1 Make Our Life Easy | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy (Mole) 2.1.0 allow remote attackers to read arbitrary files via directory traversal sequences in the (1) dirn and (2) fname parameters. | ||||
| CVE-2007-6471 | 1 Phpay | 1 Phpay | 2025-04-09 | N/A |
| Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on Windows allows remote attackers to conduct directory traversal attacks and include and execute arbitrary local files via a ..\ (dot dot backslash) in the config parameter. | ||||
| CVE-2008-5201 | 1 Otmanager | 1 Otmanager Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
| CVE-2008-2015 | 1 Watchfire | 1 Appscan | 2025-04-09 | N/A |
| Multiple absolute path traversal vulnerabilities in certain ActiveX controls in WatchFire AppScan 7.0 allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) CompactSave and (2) SaveSession method in one control, and the (3) saveRecordedExploreToFile method in a different control. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2007-3846 | 2 Subversion, Tortoisesvn | 2 Subversion, Tortoisesvn | 2025-04-09 | N/A |
| Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ (dot dot backslash) sequence in the filename, as stored in the file repository. | ||||
| CVE-2007-6584 | 1 1024 Cms | 1 1024 Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_theme_dir parameter to (3) download.php, (4) forum.php, or (5) news.php in admin/ops/reports/ops/. NOTE: it was later reported that 1.4.2 beta and earlier are also affected for vector 1. | ||||
| CVE-2008-0231 | 1 Tuned Studios | 7 Classic Theme, Endless, Freeze Theme and 4 more | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page parameter. NOTE: this can be leveraged for remote file inclusion when running in some PHP 5 environments. | ||||
| CVE-2008-0361 | 1 Instituto Politicnico Nacional | 1 Gradman | 2025-04-09 | N/A |
| Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter. | ||||
| CVE-2008-0393 | 1 Gradman | 1 Gradman | 2025-04-09 | N/A |
| Directory traversal vulnerability in info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter, a different vector than CVE-2008-0361. | ||||
| CVE-2007-6672 | 1 Mortbay Jetty | 1 Jetty | 2025-04-09 | N/A |
| Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI. | ||||
| CVE-2008-0431 | 1 Idmos | 1 Idmos Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in administrator/download.php in IDMOS (aka Phoenix) 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter. | ||||
| CVE-2008-0452 | 1 Siteman | 1 Siteman | 2025-04-09 | N/A |
| Directory traversal vulnerability in articles.php in Siteman 1.1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the cat parameter in a viewart action. | ||||
| CVE-2008-0458 | 1 Slaed | 1 Slaed Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in function/sources.php in SLAED CMS 2.5 Lite allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlang parameter to index.php. | ||||
| CVE-2008-0459 | 1 Liquidsilvercms | 1 Liquidsilvercms | 2025-04-09 | N/A |
| Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the update parameter. | ||||
| CVE-2008-0465 | 1 Seagullproject.org | 1 Seagull | 2025-04-09 | N/A |
| Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter. | ||||