Total
7652 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4483 | 1 Crux Software | 1 Gallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Crux Gallery 1.32 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter. | ||||
| CVE-2008-4486 | 1 Yerba | 1 Yerba | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter. | ||||
| CVE-2008-4519 | 1 Fastpublish | 1 Fastpublish Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Fastpublish CMS 1.9999 d allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the target parameter to (1) index2.php and (2) index.php. | ||||
| CVE-2008-4592 | 1 Sportspanel | 1 Sports Clubs Web Portal | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter. | ||||
| CVE-2008-4602 | 1 Qualityunit | 1 Post Affiliate Pro | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter. | ||||
| CVE-2008-5948 | 1 Bncwi | 1 Bncwi | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in BNCwi 1.04 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter. | ||||
| CVE-2008-4667 | 1 Arabcms | 1 Arabcms | 2025-04-09 | N/A |
| Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the rss parameter. | ||||
| CVE-2008-4702 | 1 Phpwebgallery | 1 Phpwebgallery | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PhpWebGallery 1.3.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) user[language] and (2) user[template] parameters to (a) init.inc.php, and (b) the user[language] parameter to isadmin.inc.php. | ||||
| CVE-2008-4707 | 1 Sylvain Pasquet | 1 Bbzl Php | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in BbZL.PhP 0.92 allows remote attackers to access unauthorized directories via a .. (dot dot) in the lien_2 parameter. | ||||
| CVE-2008-4712 | 1 Lnblog | 1 Lnblog | 2025-04-09 | N/A |
| Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the plugin parameter. | ||||
| CVE-2008-4718 | 1 X7 Group | 1 X7 Chat | 2025-04-09 | N/A |
| Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156. | ||||
| CVE-2008-2519 | 1 Core Ftp | 1 Core Ftp | 2025-04-09 | N/A |
| Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2008-4740 | 1 Tinycms | 1 Tinycms | 2025-04-09 | N/A |
| Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[template] parameter. | ||||
| CVE-2008-4741 | 1 Far-php | 1 Far-php | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. | ||||
| CVE-2008-4758 | 1 Php-daily | 1 Php-daily | 2025-04-09 | N/A |
| Directory traversal vulnerability in download_file.php in PHP-Daily allows remote attackers to read arbitrary local files via a .. (dot dot) in the fichier parameter. | ||||
| CVE-2008-4759 | 1 Buzzscripts | 1 Buzzywall | 2025-04-09 | N/A |
| Directory traversal vulnerability in download.php in BuzzyWall 1.3.1 allows remote attackers to read arbitrary local files via a .. (dot dot) in the id parameter. | ||||
| CVE-2008-4797 | 1 Arihiro Kurta | 1 Kantan Web Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in Arihiro Kurata Kantan WEB Server 1.8 and earlier allows remote attackers to read arbitrary files via unknown vectors. | ||||
| CVE-2008-7110 | 1 Kyoceramita | 1 Scanner File Utility | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to upload files to arbitrary locations via a .. (dot dot) in a request. | ||||
| CVE-2008-4894 | 1 Tribiq | 1 Tribiq Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the template_path parameter. NOTE: it was later reported that this issue also affects 5.0.12c. | ||||
| CVE-2007-5802 | 1 Firewolf Technologies | 1 Synergiser | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration. | ||||