Total
8047 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1765 | 1 Pluck-cms | 1 Pluck | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langpref parameter to (1) data/modules/contactform/module_info.php, (2) data/modules/blog/module_info.php, and (3) data/modules/albums/module_info.php, different vectors than CVE-2008-3194. | ||||
| CVE-2009-1768 | 1 Ramazeiten | 4 Ramazaitencms0.9.7.5, Ramazaitencms0.9.7.6, Ramazaitencms0.9.7.8 and 1 more | 2025-04-09 | N/A |
| Directory traversal vulnerability in download.php in Rama Zaiten CMS 0.9.8 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2009-1770 | 1 Flyspeck | 1 Flyspeck Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in includes/database/examples/addressbook.php in Flyspeck CMS 6.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2009-1774 | 1 Strawberry | 1 Strawberry | 2025-04-09 | N/A |
| Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to example/index.php. NOTE: this was originally reported as an issue affecting the do parameter, but traversal with that parameter might depend on a modified example/index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1779 | 1 Frax | 1 Php Recommend | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the form_include_template parameter. | ||||
| CVE-2009-2081 | 1 Phpwebthings | 1 Phpwebthings | 2025-04-09 | N/A |
| Directory traversal vulnerability in help.php in phpWebThings 1.5.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter. | ||||
| CVE-2008-2896 | 1 Getfireant | 1 Fireant | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-2894 | 1 Nch Software | 1 Nch Software Classic Ftp | 2025-04-09 | N/A |
| Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
| CVE-2008-2887 | 1 Chaozzatwork | 1 Fubarforum | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-4632 | 1 Kure | 1 Kure | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magic_quotes_gpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. (dot dot) in the (1) post and (2) doc parameters. | ||||
| CVE-2009-3583 | 1 Sql-ledger | 1 Sql-ledger | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the countrycode field. | ||||
| CVE-2008-2073 | 1 Virtual Design Studios | 1 Vlbook | 2025-04-09 | N/A |
| Directory traversal vulnerability in include/global.inc.php in Virtual Design Studio vlbook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter. | ||||
| CVE-2008-2081 | 1 Siteman | 1 Siteman | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | ||||
| CVE-2008-2116 | 1 Scriptsez | 1 Power Editor | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) te and (2) dir parameters in a tempedit action. | ||||
| CVE-2008-2215 | 1 Pbcs | 1 Project-based Calendaring System | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Project-Based Calendaring System (PBCS) 0.7.1-1 allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) src/yopy_sync.php and (2) system-logger/print_logs.php. | ||||
| CVE-2009-4415 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to addressbook/csv_import.php, or (2) include and execute arbitrary local files via the conv_type parameter in addressbook/inc/class.uiXport.inc.php. | ||||
| CVE-2009-4426 | 1 Launchpad | 1 Ignition | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php. | ||||
| CVE-2009-1847 | 1 Easypx41 | 1 Easy Px 41 Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 B1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fiche parameter. | ||||
| CVE-2009-1624 | 1 Dew-code | 1 Dew-newphplinks | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the show parameter. | ||||
| CVE-2009-1873 | 1 Adobe | 1 Jrun | 2025-04-09 | N/A |
| Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter. | ||||