Total
7651 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0481 | 1 Web Wiz | 1 Rich Text Editor | 2025-04-09 | N/A |
| Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter in a save action. | ||||
| CVE-2008-0465 | 1 Seagullproject.org | 1 Seagull | 2025-04-09 | N/A |
| Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter. | ||||
| CVE-2008-0464 | 1 Absofort | 1 Aconon Mail Enterprise Sql | 2025-04-09 | N/A |
| Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2008-0458 | 1 Slaed | 1 Slaed Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in function/sources.php in SLAED CMS 2.5 Lite allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlang parameter to index.php. | ||||
| CVE-2007-6582 | 1 C97net | 1 Mblog | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter in a page mode action. | ||||
| CVE-2008-0396 | 1 Bitdefender | 1 Update Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request. | ||||
| CVE-2007-6581 | 1 Social Engine | 1 Social Engine | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_blog.php, or (3) header_group.php; or (4) admin_header_album.php, (5) admin_header_blog.php, or (6) admin_header_group.php in admin/. | ||||
| CVE-2007-6554 | 1 George Lewe | 1 Teamcal Pro | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) register.php, (3) login.php, or (4) statistics.php. | ||||
| CVE-2007-4655 | 1 Cgi-rescue | 1 Shopping Basket Professional | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi. | ||||
| CVE-2007-6508 | 1 Xecms | 1 Xecms | 2025-04-09 | N/A |
| Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary files via a ..%2F (dot dot slash) in the list parameter. | ||||
| CVE-2007-6404 | 2 Microsoft, Shttp | 2 Windows, Shttp | 2025-04-09 | N/A |
| Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. | ||||
| CVE-2007-6400 | 1 Poldoc | 1 Poldoc Document Management System | 2025-04-09 | N/A |
| Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter. | ||||
| CVE-2008-0332 | 1 Aria | 1 Aria | 2025-04-09 | N/A |
| Directory traversal vulnerability in arias/help/effect.php in aria 0.99-6 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | ||||
| CVE-2007-6397 | 1 Flat Php | 1 Board | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to (1) create arbitrary files via a .. (dot dot) in the username parameter when registering a user account, and (2) read arbitrary PHP files via a .. (dot dot) in (a) the topic parameter in a topic action or (b) the username parameter in a viewprofile action. | ||||
| CVE-2007-6344 | 1 Mcms | 1 Easy Web Make | 2025-04-09 | N/A |
| Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter. | ||||
| CVE-2007-6317 | 1 Real Time Logic | 2 Barracudadrive Web Server, Barracudadrive Web Server Home Server | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a ..\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/. | ||||
| CVE-2007-6290 | 1 Iptel | 1 Serweb | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters. | ||||
| CVE-2007-4663 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. | ||||
| CVE-2007-6212 | 1 Google | 1 Kml | 2025-04-09 | N/A |
| Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the layer parameter. | ||||
| CVE-2007-6185 | 1 Eurologon | 1 Eurologon Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in users/files.php in Eurologon CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a download action, as demonstrated by a certain PHP file containing database credentials. | ||||