Total
7651 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5739 | 1 Ghlab | 1 Korean Ghboard | 2025-04-09 | N/A |
| Directory traversal vulnerability in component/flashupload/download.jsp in the FlashUpload component in Korean GHBoard allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | ||||
| CVE-2007-5366 | 1 Fujitsu | 3 Interstage Application Server, Interstage Apworks, Interstage Studio | 2025-04-09 | N/A |
| The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information (web root path) via unspecified vectors that trigger an error message, probably related to enabling the useCanonCaches Java Virtual Machine (JVM) option. | ||||
| CVE-2007-5732 | 1 Elouai | 1 Force Download | 2025-04-09 | N/A |
| Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files script, as available on 20071030 and earlier, allows remote attackers to read arbitrary files via the file parameter. NOTE: this issue only occurs in environments where the system administrator has not followed the vendor recommendations that this product should only be used internally. | ||||
| CVE-2008-1849 | 3 Joomla, Joomlacode, Mambo | 3 Joomla, Joomlaexplorer, Mambo | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the dir parameter in a show_error action. | ||||
| CVE-2007-5731 | 1 Apache | 1 Jakarta Slide | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461. | ||||
| CVE-2007-5706 | 1 Jeeblestechnology | 1 Jeebles Directory | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in download.php in Jeebles Directory 2.9.60 allows remote attackers to read arbitrary files via a full pathname in the query string. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5694 | 1 Sitebar | 1 Sitebar | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491. | ||||
| CVE-2006-5031 | 1 Cakephp | 1 Cakephp | 2025-04-09 | N/A |
| Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename. | ||||
| CVE-2007-5674 | 1 Instaguide | 1 Weather | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in InstaGuide Weather (aka Weather for PHP) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PageName parameter. | ||||
| CVE-2006-7112 | 1 Maxdev | 1 Mdpro | 2025-04-09 | N/A |
| Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and include arbitrary files via the PNSVlang cookie, as demonstrated by uploading a GIF image using AddDownload or injecting PHP code into a log file, then accessing it. | ||||
| CVE-2007-5620 | 1 Zehnet | 1 Zz Flashchat | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/inc/help.php in ZZ:FlashChat 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter. | ||||
| CVE-2007-5489 | 1 Artmedic Webdesign | 1 Artmedic Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-0091 | 1 Agency4net | 1 Webftp | 2025-04-09 | N/A |
| Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2007-5484 | 1 Wwwisis | 1 Wwwisis | 2025-04-09 | N/A |
| Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah. | ||||
| CVE-2007-5454 | 1 Php File Sharing System | 1 Php File Sharing System | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in PHP File Sharing System 1.5.1 allows remote attackers to list or create arbitrary directories, or delete arbitrary files, as demonstrated by listing directories via a .. (dot dot) in the cam parameter. | ||||
| CVE-2007-5417 | 1 Boastmachine | 1 Boastmachine | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in boastMachine (aka bMachine) 2.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | ||||
| CVE-2007-5491 | 1 Sitebar | 1 Sitebar | 2025-04-09 | N/A |
| Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter. | ||||
| CVE-2007-5321 | 1 Verlihub-project | 1 Verlihub Control Panel | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2007-5311 | 1 Torrenttrader | 1 Torrenttrader | 2025-04-09 | N/A |
| Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic Edition 1.07 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter. | ||||
| CVE-2007-5306 | 1 Yannick Tanguy | 1 Else If Cms | 2025-04-09 | N/A |
| ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php. | ||||