Export limit exceeded: 351342 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351342 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9147 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-7090 | 1 Pligg | 1 Pligg Cms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier allow remote attackers to (1) determine the existence of arbitrary files via a .. (dot dot) in the $tb_url variable in trackback.php, or (2) include arbitrary files via a .. (dot dot) in the template parameter to settemplate.php. | ||||
| CVE-2008-4187 | 1 Proactive Cms | 1 Proactive Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in ProActive CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2007-6624 | 1 Pnphpbb | 1 Pnphpbb | 2026-04-23 | N/A |
| Directory traversal vulnerability in printview.php in PNphpBB2 1.2i and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter. | ||||
| CVE-2008-5776 | 1 Apertoblog | 1 Apertoblog | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) action parameter to admin.php and the (2) get parameter to index.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
| CVE-2008-5787 | 2 Arabportal, Microsoft | 2 Arab Portal, Windows | 2026-04-23 | N/A |
| Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, in conjunction with a show action. | ||||
| CVE-2009-3366 | 1 Plohni | 1 An Image Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in navigation.php in An image gallery 1.0 allows remote attackers to list arbitrary directories via a .. (dot dot) in the path parameter. | ||||
| CVE-2008-4181 | 1 Netenberg | 1 Fantastico De Luxe | 2026-04-23 | N/A |
| Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) or absolute pathname in the fantasticopath parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
| CVE-2007-5454 | 1 Php File Sharing System | 1 Php File Sharing System | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in PHP File Sharing System 1.5.1 allows remote attackers to list or create arbitrary directories, or delete arbitrary files, as demonstrated by listing directories via a .. (dot dot) in the cam parameter. | ||||
| CVE-2008-0542 | 1 Gerd Tentler | 1 Simple Forum | 2026-04-23 | N/A |
| Directory traversal vulnerability in thumbnail.php in Gerd Tentler Simple Forum 3.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-3205 | 1 Easy-script | 1 Wysi Wiki Wyg | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. | ||||
| CVE-2007-4726 | 1 Weboddity | 1 Weboddity | 2026-04-23 | N/A |
| Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2008-2352 | 1 Smeego | 1 Smeego | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Smeego 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie. | ||||
| CVE-2008-5217 | 1 Phpc0d3r | 1 Txtcms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in txtCMS 0.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. | ||||
| CVE-2008-3390 | 1 Minishowcase | 1 Minishowcase Image Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in libraries/general.init.php in Minishowcase Image Gallery 09b136, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2008-1125 | 1 Podcast Generator | 1 Podcast Generator | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) theme_path parameter to core/themes.php and the (2) filename parameter to download.php. | ||||
| CVE-2008-4758 | 1 Php-daily | 1 Php-daily | 2026-04-23 | N/A |
| Directory traversal vulnerability in download_file.php in PHP-Daily allows remote attackers to read arbitrary local files via a .. (dot dot) in the fichier parameter. | ||||
| CVE-2009-0865 | 1 Geovision | 1 Livex Activex Control | 2026-04-23 | N/A |
| Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods. | ||||
| CVE-2008-4151 | 1 Cyask | 1 Cyask | 2026-04-23 | N/A |
| Directory traversal vulnerability in collect.php in CYASK 3.x allows remote attackers to read arbitrary files via a .. (dot dot) in the neturl parameter. | ||||
| CVE-2008-4741 | 1 Far-php | 1 Far-php | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. | ||||
| CVE-2008-1145 | 3 Fedoraproject, Redhat, Ruby-lang | 4 Fedora, Enterprise Linux, Ruby and 1 more | 2026-04-23 | N/A |
| Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1) "..%5c" (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. | ||||