Total
9477 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5055 | 1 Izicontents | 1 Izicontents | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the admin_home parameter to modules/poll/poll_summary.php or (2) the rootdp parameter to include/db.php. | ||||
| CVE-2008-1653 | 1 Savas Place | 1 Savas Link Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Sava's Link Manager 2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6397 | 1 Flat Php | 1 Board | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to (1) create arbitrary files via a .. (dot dot) in the username parameter when registering a user account, and (2) read arbitrary PHP files via a .. (dot dot) in (a) the topic parameter in a topic action or (b) the username parameter in a viewprofile action. | ||||
| CVE-2009-4449 | 1 Mybb | 1 Mybb | 2026-04-23 | 6.5 Medium |
| Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, when changing the user avatar from the gallery, allows remote authenticated users to determine the existence of files via directory traversal sequences in the avatar and possibly the gallery parameters, related to (1) admin/modules/user/users.php and (2) usercp.php. | ||||
| CVE-2009-2184 | 1 Gravy-media | 1 Media Photo Host | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in forcedownload.php in Gravy Media Photo Host 1.0.8 allows remote attackers to read arbitrary files via an encoded "/" (slash) in the file parameter. | ||||
| CVE-2009-1488 | 1 Rens Rikkerink | 1 Fungamez | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/load.php in FunGamez RC1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to index.php. | ||||
| CVE-2009-0286 | 1 Opengoo | 1 Opengoo | 2026-04-23 | N/A |
| Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter. | ||||
| CVE-2008-6734 | 1 Keller Web Admin | 1 Kwa | 2026-04-23 | N/A |
| Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | ||||
| CVE-2008-0068 | 1 Hp | 1 Openview Network Node Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. | ||||
| CVE-2007-0898 | 1 Clam Anti-virus | 1 Clamav | 2026-04-23 | N/A |
| Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message. | ||||
| CVE-2008-1908 | 1 Cpcommerce | 1 Cpcommerce | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the language parameter in a language action to the default URI, which is not properly handled in actions/language.act.php, or (2) the action parameter to category.php. | ||||
| CVE-2008-6630 | 1 Typo3 | 2 Typo3, Wt Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors. | ||||
| CVE-2009-0865 | 1 Geovision | 1 Livex Activex Control | 2026-04-23 | N/A |
| Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods. | ||||
| CVE-2008-2813 | 1 Shoutcastadmin | 1 Wallcity-server Shoutcast Admin Panel | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in WallCity-Server Shoutcast Admin Panel 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2009-3787 | 1 Vivvo | 1 Vivvo | 2026-04-23 | N/A |
| files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with "logs/" in between two . (dot) characters, which is filtered into a "../" sequence. | ||||
| CVE-2007-4726 | 1 Weboddity | 1 Weboddity | 2026-04-23 | N/A |
| Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2008-2687 | 1 Promanager | 1 Promanager | 2026-04-23 | N/A |
| Directory traversal vulnerability in inc/config.php in ProManager 0.73 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2008-4773 | 1 Questwork | 1 Questcms | 2026-04-23 | N/A |
| Directory traversal vulnerability in main/main.php in QuestCMS allows remote attackers to read arbitrary local files via a .. (dot dot) in the theme parameter. | ||||
| CVE-2009-0729 | 1 Lingx | 1 Page Engine Cms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-4088 | 1 Telepark | 1 Telepark.wiki | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the (3) group parameter to upload.php. | ||||