Total
9487 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5748 | 1 Bloofox | 1 Bloofoxcms | 2026-04-23 | 8.1 High |
| Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters. | ||||
| CVE-2008-3195 | 1 Twiki | 1 Twiki | 2026-04-23 | N/A |
| Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors. | ||||
| CVE-2009-2397 | 1 Audioarticledirectory | 1 Audio Article Directory | 2026-04-23 | N/A |
| Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter. | ||||
| CVE-2008-2966 | 1 Jaxultrabb | 1 Jaxultrabb | 2026-04-23 | N/A |
| Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. party information. | ||||
| CVE-2009-1498 | 1 Idb | 1 Idb | 2026-04-23 | N/A |
| Directory traversal vulnerability in inc/profilemain.php in Game Maker 2k Internet Discussion Boards (iDB) 0.2.5 Pre-Alpha SVN 243 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter in a settings action to profile.php. | ||||
| CVE-2009-2379 | 1 Bigace | 1 Bigace Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter. | ||||
| CVE-2007-1140 | 1 Barekoncept | 1 Pheap | 2026-04-23 | N/A |
| Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2008-1493 | 1 Cuteflow-bin | 1 Cuteflow Bin | 2026-04-23 | N/A |
| Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2008-2818 | 1 Easy-clanpage | 1 Easy-clanpage | 2026-04-23 | N/A |
| Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the section parameter to the default URI. | ||||
| CVE-2008-2961 | 1 Cmsmini | 1 Cms Mini | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) path and (2) p parameter. | ||||
| CVE-2008-4151 | 1 Cyask | 1 Cyask | 2026-04-23 | N/A |
| Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. (dot dot) in the neturl parameter. | ||||
| CVE-2009-2325 | 1 Clicknet | 1 Clicknet Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Clicknet CMS 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the side parameter. | ||||
| CVE-2008-5598 | 1 Phpmygallery | 1 Phpmygallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to list arbitrary directories via a .. (dot dot) in the group parameter. | ||||
| CVE-2008-2370 | 2 Apache, Redhat | 7 Tomcat, Certificate System, Enterprise Linux and 4 more | 2026-04-23 | N/A |
| Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter. | ||||
| CVE-2007-6554 | 1 George Lewe | 1 Teamcal Pro | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) register.php, (3) login.php, or (4) statistics.php. | ||||
| CVE-2007-0893 | 1 Matthieu Aubry | 1 Phpmyvisites | 2026-04-23 | N/A |
| Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading ".." sequences on the pmv_ck_view COOKIE parameter, which bypasses the protection scheme. | ||||
| CVE-2009-1559 | 1 Cisco | 1 Wvc54gca | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a .. (dot dot) is probably also possible. | ||||
| CVE-2008-0158 | 1 Shop-script | 1 Shop-script | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. | ||||
| CVE-2008-6224 | 1 Samelinux | 1 Way Of The Warrior | 2026-04-23 | N/A |
| Directory traversal vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the plancia parameter. | ||||
| CVE-2009-2224 | 1 An Guestbook | 1 An Guestbook | 2026-04-23 | N/A |
| Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the g_lang parameter. | ||||