ReportizFlow
Filtered by vendor
Subscriptions
Total
8526 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6308 | 1 Punbb | 2 Private Messaging System, Punbb | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and earlier for PunBB allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) header_new_messages.php, (3) profile_send.php, and (4) viewtopic_PM-link.php in include/pms/. | ||||
| CVE-2009-2132 | 1 4homepages | 1 4images | 2025-04-09 | N/A |
| Directory traversal vulnerability in global.php in 4images before 1.7.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter. | ||||
| CVE-2008-0158 | 1 Shop-script | 1 Shop-script | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. | ||||
| CVE-2008-6604 | 1 Picoflat | 1 Picoflat Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagina parameter, a different vulnerability than CVE-2007-5390. | ||||
| CVE-2008-6316 | 1 Phpmygallery | 1 Phpmygallery | 2025-04-09 | N/A |
| Directory traversal vulnerability in _conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter, a different issue than CVE-2008-6316 and a different vector than CVE-2008-6318. | ||||
| CVE-2008-6334 | 1 Emetrix | 1 Extract Website | 2025-04-09 | N/A |
| Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2008-5204 | 1 Poweraward | 1 Poweraward | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter to (1) agb.php, (2) angemeldet.php, (3) anmelden.php, (4) charts.php, (5) external_vote.php, (6) guestbook.php, (7) impressum.php, (8) index.php, (9) rss-reader.php, (10) statistic.php, (11) teilnehmer.php, (12) topsites.php, (13) votecode.php, (14) voting.php, and (15) winner.php. | ||||
| CVE-2008-0091 | 1 Agency4net | 1 Webftp | 2025-04-09 | N/A |
| Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-7084 | 1 Hirschelectronics | 1 Velocity Security Management System | 2025-04-09 | N/A |
| Directory traversal vulnerability in the web server 1.0 in Velocity Security Management System allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2008-2894 | 1 Nch Software | 1 Nch Software Classic Ftp | 2025-04-09 | N/A |
| Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
| CVE-2008-1169 | 1 Simm-comm | 1 Sci Photo Chat | 2025-04-09 | N/A |
| Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command. | ||||
| CVE-2008-6424 | 1 Jun Sota | 1 Ffftp | 2025-04-09 | N/A |
| Directory traversal vulnerability in FFFTP 1.96b allows remote FTP servers to create or overwrite arbitrary files via a response to an FTP LIST command with a filename that contains a .. (dot dot). | ||||
| CVE-2007-5812 | 1 Modulebuilder | 1 Modulebuilder | 2025-04-09 | N/A |
| Directory traversal vulnerability in modules/Builder/DownloadModule.php in ModuleBuilder 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2007-5731 | 1 Apache | 1 Jakarta Slide | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461. | ||||
| CVE-2008-2635 | 1 Barad Dur | 1 Bitkinex | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. (dot dot) in (1) a response to a LIST command from the BitKinex FTP client and (2) a response to a PROPFIND command from the BitKinex WebDAV client. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2009-2161 | 1 Torrenttrader | 1 Torrenttrader Classic | 2025-04-09 | N/A |
| Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter, in conjunction with a modified component name. | ||||
| CVE-2008-1541 | 1 His | 1 Webshop | 2025-04-09 | N/A |
| Directory traversal vulnerability in cgi-bin/his-webshop.pl in HIS Webshop 2.50 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter. | ||||
| CVE-2009-4192 | 1 Interspire | 1 Knowledge Manager | 2025-04-09 | N/A |
| Directory traversal vulnerability in dialog/file_manager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6590 | 2 Lightneasy, Sqlite | 2 Lightneasy, Sqlite | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to (1) index.php and (2) LightNEasy.php. | ||||
| CVE-2008-6658 | 1 Simple Machines | 1 Simple Machines Forum | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote authenticated administrators to install packages from arbitrary directories via a .. (dot dot) in the package parameter during an install2 action, as demonstrated by a predictable package filename in attachments/ that was uploaded through a post2 action to index.php. | ||||