Total
8049 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3792 | 1 Adobe | 1 Flash Media Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors. | ||||
| CVE-2008-2185 | 1 Toocharger | 1 Smartblog | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to include arbitrary local files via directory traversal sequences in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1140 | 1 Barekoncept | 1 Pheap | 2025-04-09 | N/A |
| Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2009-2116 | 1 Skybluecanvas | 1 Skybluecanvas | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to list directory contents via a .. (dot dot) in the dir parameter. | ||||
| CVE-2009-4383 | 1 Rocomotion | 1 P Forum | 2025-04-09 | N/A |
| Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | ||||
| CVE-2009-4202 | 2 Joomla, Omilenitsolutions | 2 Joomla\!, Com Omphotogallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. | ||||
| CVE-2008-1933 | 1 Microsoft | 1 Zune Software | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in Zune allows user-assisted remote attackers to overwrite arbitrary files via the SaveToFile method. NOTE: the victim must explicitly allow the code to run. | ||||
| CVE-2008-4780 | 1 Easy-script | 1 Myforum | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/centre.php in MyForum 1.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the padmin parameter. | ||||
| CVE-2008-3195 | 1 Twiki | 1 Twiki | 2025-04-09 | N/A |
| Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors. | ||||
| CVE-2007-1042 | 1 Xpression News | 1 Xpression News | 2025-04-09 | N/A |
| Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6400 | 1 Poldoc | 1 Poldoc Document Management System | 2025-04-09 | N/A |
| Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter. | ||||
| CVE-2008-0946 | 1 Ipswitch | 2 Imserver, Instant Messaging | 2025-04-09 | N/A |
| Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field. | ||||
| CVE-2008-3179 | 1 W2b | 1 Phpdatingclub | 2025-04-09 | N/A |
| Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-2534 | 1 Fkrauthan | 1 Phoenix View Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/admin_frame.php in Phoenix View CMS Pre Alpha2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ltarget parameter. | ||||
| CVE-2007-6584 | 1 1024 Cms | 1 1024 Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_theme_dir parameter to (3) download.php, (4) forum.php, or (5) news.php in admin/ops/reports/ops/. NOTE: it was later reported that 1.4.2 beta and earlier are also affected for vector 1. | ||||
| CVE-2006-5846 | 1 Freewebshop | 1 Freewebshop | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773. | ||||
| CVE-2007-4220 | 1 Motorola | 1 Timbuktu | 2025-04-09 | N/A |
| Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services. | ||||
| CVE-2007-6323 | 1 Mms Gallery | 1 Mms Gallery Php | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) get_file.php in mms_template/. | ||||
| CVE-2007-6322 | 1 Xml2owl | 1 Xml2owl | 2025-04-09 | N/A |
| Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-0923 | 1 Vmware | 5 Ace, Player, Vmware Player and 2 more | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string. | ||||