Total
9505 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3824 | 1 Michael J Greenwood | 1 Php Content Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter. | ||||
| CVE-2009-1488 | 1 Rens Rikkerink | 1 Fungamez | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/load.php in FunGamez RC1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to index.php. | ||||
| CVE-2008-0946 | 1 Ipswitch | 2 Imserver, Instant Messaging | 2026-04-23 | N/A |
| Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field. | ||||
| CVE-2007-1138 | 1 Cromosoft | 1 Simple Plantilla Php | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter. | ||||
| CVE-2008-0427 | 1 Bloo | 1 Bloofoxcms | 2026-04-23 | N/A |
| Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-5579 | 1 Mini-pub | 1 Mini-pub | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter. | ||||
| CVE-2008-4243 | 1 Epic Games | 1 Unreal Tournament 3 | 2026-04-23 | N/A |
| Directory traversal vulnerability in ImageServer (aka UTImageServer) in WebAdmin before 1.7 for Epic Games Unreal Tournament 3 (UT3) 1.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2008-0361 | 1 Instituto Politicnico Nacional | 1 Gradman | 2026-04-23 | N/A |
| Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter. | ||||
| CVE-2008-1000 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments. | ||||
| CVE-2009-2166 | 2 Ocsinventory-ng, Unix | 2 Ocs Inventory Ng, Unix | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter. | ||||
| CVE-2008-2795 | 1 Idm Computer Solutions Inc | 1 Ultraedit | 2026-04-23 | N/A |
| Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdit 14.00b allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) or a ..\ (dot dot backslash) in a response to a LIST command. | ||||
| CVE-2008-0184 | 1 Prenotazioni On Line | 1 Syshotel On Line System | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter. | ||||
| CVE-2008-2889 | 1 Wise-ftp | 1 Wise-ftp | 2026-04-23 | N/A |
| Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
| CVE-2008-6195 | 1 Landesk | 1 Landesk Management Suite | 2026-04-23 | N/A |
| Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.exe) in LANDesk Management Suite (LDMS) 8.80.1.1 and earlier allows remote attackers to read arbitrary files via a subdirectory name followed by ".." sequences, a different vulnerability than CVE-2008-1643. | ||||
| CVE-2008-0091 | 1 Agency4net | 1 Webftp | 2026-04-23 | N/A |
| Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-0140 | 1 Uebimiau | 1 Webmail | 2026-04-23 | N/A |
| Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172. | ||||
| CVE-2008-2534 | 1 Fkrauthan | 1 Phoenix View Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/admin_frame.php in Phoenix View CMS Pre Alpha2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ltarget parameter. | ||||
| CVE-2008-5570 | 1 Php Multiple Newsletters | 1 Php Multiple Newsletters | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in PHP Multiple Newsletters 2.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2009-2037 | 1 Onlinegrades | 1 Online Grades | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) GLOBALS[SKIN] parameter to index.php and the (2) skin parameter to admin/admin.php. | ||||
| CVE-2007-5321 | 1 Verlihub-project | 1 Verlihub Control Panel | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter. | ||||