ReportizFlow
Filtered by vendor
Subscriptions
Total
8536 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0742 | 1 Powerscripts | 1 Powernews | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. (dot dot) in the (1) subpage parameter in (a) categories.inc.php, (b) news.inc.php, (c) other.inc.php, (d) permissions.inc.php, (e) templates.inc.php, and (f) users.inc.php in pnadmin/; and (2) the page parameter to (g) pnadmin/index.php. NOTE: vector 2 is only exploitable by administrators. | ||||
| CVE-2008-3164 | 1 Fuzzylime | 1 Fuzzylime Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter. NOTE: it was later reported that 3.01a is also affected. | ||||
| CVE-2008-7176 | 1 Celina Jorge | 1 Facil Cms | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php. | ||||
| CVE-2008-5265 | 1 Tntforum | 1 Tnt Forum | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in TNT Forum 0.9.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the modulo parameter. | ||||
| CVE-2009-1558 | 1 Cisco | 1 Wvc54gca | 2025-04-09 | N/A |
| Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter. | ||||
| CVE-2007-4829 | 3 Archive\, Canonical, Redhat | 3 \, Ubuntu Linux, Enterprise Linux | 2025-04-09 | N/A |
| Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences. | ||||
| CVE-2007-5069 | 1 Massimo Chioni | 1 Mobile Entertainment Module | 2025-04-09 | N/A |
| Directory traversal vulnerability in data/compatible.php in the Nuke Mobile Entertainment 1 addon for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter. | ||||
| CVE-2007-5461 | 2 Apache, Redhat | 8 Tomcat, Certificate System, Enterprise Linux and 5 more | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag. | ||||
| CVE-2009-1368 | 1 Mozilo | 1 Mozilocms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3. | ||||
| CVE-2007-0450 | 2 Apache, Redhat | 8 Http Server, Tomcat, Certificate System and 5 more | 2025-04-09 | N/A |
| Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache. | ||||
| CVE-2009-0731 | 1 Freearcadescript | 1 Free Arcade Script | 2025-04-09 | N/A |
| Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter. | ||||
| CVE-2008-6090 | 1 Scriptsez | 1 Mini Hosting Panel | 2025-04-09 | N/A |
| Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. (dot dot) in the dir parameter in a view action. | ||||
| CVE-2008-5771 | 1 Phpweather | 1 Phpweather | 2025-04-09 | N/A |
| Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | ||||
| CVE-2008-3293 | 1 Ezwebalbum | 1 Ezwebalbum | 2025-04-09 | N/A |
| Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter. | ||||
| CVE-2009-0330 | 1 Wss-pro | 1 Scms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | ||||
| CVE-2009-1406 | 1 Sweetphp | 1 Totalcalendar | 2025-04-09 | N/A |
| Directory traversal vulnerability in cms_detect.php in TotalCalendar 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the include parameter. | ||||
| CVE-2009-1625 | 1 Davlin | 1 Thickbox Gallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Thickbox Gallery 2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ln parameter. | ||||
| CVE-2008-0602 | 1 All Club Cms | 1 All Club Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter. | ||||
| CVE-2008-6926 | 2 Cpanel, Netenberg | 2 Cpanel, Fantastico De Luxe | 2025-04-09 | N/A |
| Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action. NOTE: this issue only crosses privilege boundaries when security settings such as disable_functions and safe_mode are active, since exploitation requires uploading of executable code to a home directory. | ||||
| CVE-2009-0113 | 1 Joomla | 2 Joomla, Xstandard | 2025-04-09 | N/A |
| Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header. | ||||