Total
7645 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4545 | 1 X-diesel | 1 Unreal Commander | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Unreal Commander 0.92 build 565 and 573 allow user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) ZIP or (2) RAR archive. | ||||
| CVE-2008-1799 | 1 Sabros.us | 1 Sabros.us | 2025-04-09 | N/A |
| Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. | ||||
| CVE-2007-1149 | 1 Lovecms | 1 Lovecms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI. | ||||
| CVE-2008-1798 | 1 Dragoon | 1 Dragoon | 2025-04-09 | N/A |
| Directory traversal vulnerability in forum/kietu/libs/calendrier.php in Dragoon 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cal[lng] parameter. | ||||
| CVE-2008-4129 | 1 Gallery | 1 Gallery | 2025-04-09 | N/A |
| Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality. | ||||
| CVE-2007-1144 | 1 Comscripts | 1 J-web Pics Navigator | 2025-04-09 | N/A |
| Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter. | ||||
| CVE-2008-1755 | 1 Zekewalker | 1 World Of Phaos | 2025-04-09 | N/A |
| Directory traversal vulnerability in the showSource function in showSource.php in World of Phaos 4.0.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter. | ||||
| CVE-2008-1751 | 1 Ksemail | 1 Ksemail | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) language and (2) lang parameters. | ||||
| CVE-2008-1624 | 1 Whorl Ltd | 1 Jshop Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in v2demo/page.php in Jshop Server 1.x through 2.x allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xPage parameter. | ||||
| CVE-2009-2557 | 1 Adminnewstools | 1 Admin News Tools | 2025-04-09 | N/A |
| Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter. | ||||
| CVE-2008-1730 | 1 Arwscripts | 1 Gallery Script Lite | 2025-04-09 | N/A |
| Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path parameter. | ||||
| CVE-2008-0196 | 1 Wordpress | 1 Wordpress | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in WordPress 2.0.11 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the page parameter to certain PHP scripts under wp-admin/ or (2) the import parameter to wp-admin/admin.php, as demonstrated by discovering the full path via a request for the \..\..\wp-config pathname; and allow remote attackers to modify arbitrary files via a .. (dot dot) in the file parameter to wp-admin/templates.php. | ||||
| CVE-2008-1645 | 1 Guillaume Meister | 1 Php Spammanager | 2025-04-09 | N/A |
| Directory traversal vulnerability in body.php in phpSpamManager (phpSM) 0.53 beta allows remote attackers to read arbitrary local files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2006-6242 | 1 S9y | 1 Serendipity | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and earlier allow remote attackers to read or include arbitrary local files via a .. (dot dot) sequence in the serendipity[charset] parameter in (1) include/lang.inc.php; or to plugins/ scripts (2) serendipity_event_bbcode/serendipity_event_bbcode.php, (3) serendipity_event_browsercompatibility/serendipity_event_browsercompatibility.php, (4) serendipity_event_contentrewrite/serendipity_event_contentrewrite.php, (5) serendipity_event_creativecommons/serendipity_event_creativecommons.php, (6) serendipity_event_emoticate/serendipity_event_emoticate.php, (7) serendipity_event_entryproperties/serendipity_event_entryproperties.php, (8) serendipity_event_karma/serendipity_event_karma.php, (9) serendipity_event_livesearch/serendipity_event_livesearch.php, (10) serendipity_event_mailer/serendipity_event_mailer.php, (11) serendipity_event_nl2br/serendipity_event_nl2br.php, (12) serendipity_event_s9ymarkup/serendipity_event_s9ymarkup.php, (13) serendipity_event_searchhighlight/serendipity_event_searchhighlight.php, (14) serendipity_event_spamblock/serendipity_event_spamblock.php, (15) serendipity_event_spartacus/serendipity_event_spartacus.php, (16) serendipity_event_statistics/serendipity_plugin_statistics.php, (17) serendipity_event_templatechooser/serendipity_event_templatechooser.php, (18) serendipity_event_textile/serendipity_event_textile.php, (19) serendipity_event_textwiki/serendipity_event_textwiki.php, (20) serendipity_event_trackexits/serendipity_event_trackexits.php, (21) serendipity_event_weblogping/serendipity_event_weblogping.php, (22) serendipity_event_xhtmlcleanup/serendipity_event_xhtmlcleanup.php, (23) serendipity_plugin_comments/serendipity_plugin_comments.php, (24) serendipity_plugin_creativecommons/serendipity_plugin_creativecommons.php, (25) serendipity_plugin_entrylinks/serendipity_plugin_entrylinks.php, (26) serendipity_plugin_eventwrapper/serendipity_plugin_eventwrapper.php, (27) serendipity_plugin_history/serendipity_plugin_history.php, (28) serendipity_plugin_recententries/serendipity_plugin_recententries.php, (29) serendipity_plugin_remoterss/serendipity_plugin_remoterss.php, (30) serendipity_plugin_shoutbox/serendipity_plugin_shoutbox.php, and and (31) serendipity_plugin_templatedropdown/serendipity_plugin_templatedropdown.php. | ||||
| CVE-2008-4397 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | N/A |
| Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. | ||||
| CVE-2009-3693 | 2 Hp, Persits | 2 Loadrunner, Xupload | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method. | ||||
| CVE-2008-1620 | 1 2x | 1 Thinclientserver | 2025-04-09 | N/A |
| Directory traversal vulnerability in 2X TFTP service (TFTPd.exe) 3.2.0.0 and earlier in 2X ThinClientServer 5.0_sp1-r3497 and earlier allows remote attackers to read or overwrite arbitrary files via a ... (dot dot dot) in the filename. | ||||
| CVE-2009-0340 | 1 Quirm | 1 Simple Php Newsletter | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php. | ||||
| CVE-2008-1571 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in the embedded web server in Image Capture in Apple Mac OS X before 10.5 allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | ||||
| CVE-2008-1564 | 1 File-transfer | 1 File Transfer | 2025-04-09 | N/A |
| Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the filename. | ||||