ReportizFlow
Filtered by vendor
Subscriptions
Total
8888 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0140 | 1 Uebimiau | 1 Webmail | 2026-04-23 | N/A |
| Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the selected_theme parameter, a different vector than CVE-2007-3172. | ||||
| CVE-2008-0194 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1. | ||||
| CVE-2008-0221 | 1 Gateway | 1 Weblaunch | 2026-04-23 | N/A |
| Directory traversal vulnerability in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allows remote attackers to execute arbitrary programs via a ..\ (dot dot backslash) in the second argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0427 | 1 Bloo | 1 Bloofoxcms | 2026-04-23 | N/A |
| Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-0452 | 1 Siteman | 1 Siteman | 2026-04-23 | N/A |
| Directory traversal vulnerability in articles.php in Siteman 1.1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the cat parameter in a viewart action. | ||||
| CVE-2008-0745 | 1 Domphp | 1 Domphp | 2026-04-23 | N/A |
| Directory traversal vulnerability in aides/index.php in DomPHP 0.82 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-0758 | 1 Group Logic | 2 Extremez-ip File Server, Extremez-ip Print Server | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in the Zidget/HTTP embedded HTTP server in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier allow remote attackers to read arbitrary (1) gif, (2) png, (3) jpg, (4) xml, (5) ico, (6) zip, and (7) html files via a "..\" (dot dot backslash) sequence in the filename. | ||||
| CVE-2007-5299 | 1 Skadate | 1 Skadate Online Dating Software | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a .. (dot dot) in the view_mode parameter to (1) featured_list.php and (2) online_list.php in member/. | ||||
| CVE-2007-5776 | 1 Blue-collar Productions | 1 I-gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence. | ||||
| CVE-2007-5823 | 1 Scribe | 1 Scribe | 2026-04-23 | N/A |
| Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the username parameter in a Register action. | ||||
| CVE-2007-5826 | 1 Edraw | 1 Flowchart Activex | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420. | ||||
| CVE-2007-6233 | 1 Ftp Admin | 1 Ftp Admin | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
| CVE-2007-3936 | 1 A-shop | 1 A-shop | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter. | ||||
| CVE-2007-6604 | 1 Xcms | 1 Xcms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the s parameter to the admin page or (2) the pg parameter to an arbitrary module, as demonstrated by reading a password hash in a .dtb file under dati/membri/ or by executing embedded PHP code in images under uploads/avatar/. | ||||
| CVE-2008-0615 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2026-04-23 | N/A |
| Directory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) folder and (2) file parameters. | ||||
| CVE-2007-4764 | 1 Pawfaliki | 1 Pawfaliki | 2026-04-23 | N/A |
| Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 allows remote attackers to list arbitrary files via a .. (dot dot) in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-4843 | 1 X-diesel | 1 Unreal Commander | 2026-04-23 | N/A |
| Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2007-3504 | 2 Microsoft, Sun | 4 Windows, Jdk, Jre and 1 more | 2026-04-23 | N/A |
| Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. NOTE: this can be leveraged to execute arbitrary code by overwriting a .java.policy file. | ||||
| CVE-2008-2838 | 1 Traindepot | 1 Traindepot | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter. | ||||
| CVE-2008-5862 | 1 Webcamxp | 1 Webcamxp | 2026-04-23 | N/A |
| Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI. | ||||