Total
9514 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2978 | 1 Ourvideocms | 1 Ourvideo Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter. | ||||
| CVE-2008-0923 | 1 Vmware | 5 Ace, Player, Vmware Player and 2 more | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string. | ||||
| CVE-2007-6376 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-23 | N/A |
| Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filename parameter, a different vector than CVE-2006-4190. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6734 | 1 Keller Web Admin | 1 Kwa | 2026-04-23 | N/A |
| Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | ||||
| CVE-2008-3939 | 1 Avtech | 1 Pager Enterprise | 2026-04-23 | 7.5 High |
| Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allows remote attackers to read arbitrary files via directory traversal sequences in the URI. | ||||
| CVE-2009-4374 | 1 Alienvault | 1 Open Source Security Information Management | 2026-04-23 | N/A |
| Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to upload files into arbitrary directories via a .. (dot dot) in the id_document parameter. | ||||
| CVE-2008-6630 | 1 Typo3 | 2 Typo3, Wt Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors. | ||||
| CVE-2008-0480 | 1 Web Wiz | 1 Web Wiz Forums | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and earlier allow remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter to (1) RTE_file_browser.asp or (2) file_browser.asp. | ||||
| CVE-2008-3036 | 1 Cms Little | 1 Cms Little | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter. | ||||
| CVE-2009-0288 | 1 Windows Tftp Utility | 1 Tftputil | 2026-04-23 | N/A |
| Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to read arbitrary files outside the TFTP root directory via directory traversal sequences in a GET request. | ||||
| CVE-2007-6404 | 2 Microsoft, Shttp | 2 Windows, Shttp | 2026-04-23 | N/A |
| Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. | ||||
| CVE-2008-2045 | 1 Sugarcrm | 1 Sugarcrm | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory. | ||||
| CVE-2008-6423 | 1 I-apps | 1 Passwiki | 2026-04-23 | N/A |
| Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the site_id parameter. | ||||
| CVE-2008-2672 | 1 Erfurtwiki | 1 Erfurtwiki | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and earlier, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) ewiki_id and (2) ewiki_action parameters to fragments/css.php, and possibly the (3) id parameter to the default URI. NOTE: the default URI is site-specific but often performs an include_once of ewiki.php. | ||||
| CVE-2008-4040 | 1 Kyocera Mita | 1 Fs 118mfp | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Kyocera Command Center in Kyocera FS-118MFP allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2009-0286 | 1 Opengoo | 1 Opengoo | 2026-04-23 | N/A |
| Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter. | ||||
| CVE-2007-6369 | 1 Wordpress | 1 Pictpress | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in resize.php in the PictPress 0.91 and earlier plugin for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) size or (2) path parameter. | ||||
| CVE-2008-2076 | 1 Actualscripts | 1 Actualanalyzer Lite | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style parameter. | ||||
| CVE-2008-5990 | 1 Eduforge | 1 Emergecolab | 2026-04-23 | N/A |
| Directory traversal vulnerability in connect/init.inc in emergecolab 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sitecode parameter to connect/index.php. | ||||
| CVE-2008-6129 | 1 Mozilo | 1 Mozilowiki | 2026-04-23 | N/A |
| Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||