ReportizFlow
Filtered by vendor
Subscriptions
Total
8534 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2217 | 1 Mario Valdez | 1 Content Management System | 2025-04-09 | N/A |
| Directory traversal vulnerability in cm/graphie.php in Content Management System 0.6.1 for Phprojekt allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cm_imgpath parameter. | ||||
| CVE-2008-0252 | 1 Cherrypy | 1 Cherrypy | 2025-04-09 | N/A |
| Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie. | ||||
| CVE-2009-3167 | 1 Anantasoft | 1 Gazelle Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2008-4528 | 1 Phlatline | 1 Personal Information Manager | 2025-04-09 | N/A |
| Directory traversal vulnerability in notes.php in Phlatline's Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter in an edit action. | ||||
| CVE-2008-5604 | 1 Drennansoft | 1 My Simple Forum | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | ||||
| CVE-2007-1076 | 1 Phptraffica | 1 Phptraffica | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php. | ||||
| CVE-2007-6648 | 1 Sanybee Gallery | 1 Sanybee Gallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | ||||
| CVE-2009-1847 | 1 Easypx41 | 1 Easy Px 41 Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 B1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fiche parameter. | ||||
| CVE-2008-6201 | 1 Kwsphp | 1 Kwsphp | 2025-04-09 | N/A |
| Directory traversal vulnerability in help.php in the eskuel module in KwsPHP 1.3.456, as available before 20080416, allows remote attackers to execute arbitrary commands via the action parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0448 | 1 Syntax Desktop | 1 Syntax Desktop | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter. | ||||
| CVE-2008-6592 | 2 Lightneasy, Sqlite | 2 Lightneasy, Sqlite | 2025-04-09 | N/A |
| thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte). | ||||
| CVE-2008-1885 | 1 Cdnetworks | 1 Download Client | 2025-04-09 | N/A |
| Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download allows remote attackers to download arbitrary code onto a client system via a .. (dot dot) in the SkinPath parameter and a .zip URL in the HttpSkin parameter. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2007-4058 | 1 Emc | 1 Vmware | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method. | ||||
| CVE-2006-5897 | 1 Phpheaven | 1 Phpmychat Plus | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PhpMyChat Plus 1.9 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the ChatPath parameter to (1) avatar.php, (2) colorhelp_popup.php, (3) color_popup.php, (4) index.php, (5) index1.php, (6) lib/connected_users.lib.php, (7) lib/index.lib.php, and (8) phpMyChat.php3; and the (9) L parameter to logs.php. NOTE: CVE analysis suggests that vector 1 might be incorrect. | ||||
| CVE-2006-5487 | 1 Marshal | 1 Mailmarshal Smtp | 2025-04-09 | N/A |
| Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, 6.x, and 2006, and MailMarshal for Exchange 5.x, allows remote attackers to write arbitrary files via ".." sequences in filenames in an ARJ compressed archive. | ||||
| CVE-2008-6335 | 1 Emetrix | 1 Online Keyword Research Tool | 2025-04-09 | N/A |
| Directory traversal vulnerability in download.php in eMetrix Online Keyword Research Tool allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2009-2275 | 1 Cpanel | 1 Cpanel | 2025-04-09 | N/A |
| Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter. | ||||
| CVE-2007-4683 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory. | ||||
| CVE-2009-1246 | 1 Blogplus | 1 Blogplus | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php; (2) row_mysql_blocks_center_top[file] includes/parameter to block_center_top.php; (3) row_mysql_blocks_left[file] parameter to includes/block_left.php; (4) row_mysql_blocks_right[file] parameter to includes/block_right.php; and row_mysql_bloginfo[theme] parameter to (5) includes/window_down.php and (6) includes/window_top.php. | ||||
| CVE-2008-5943 | 1 Navboard | 1 Navboard | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to (1) admin_modules.php and (2) modules.php. | ||||