Export limit exceeded: 351382 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9153 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6183 | 1 Myphpindexer | 1 My Php Indexer | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in index.php in My PHP Indexer 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) d and (2) f parameters. | ||||
| CVE-2007-4545 | 1 X-diesel | 1 Unreal Commander | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Unreal Commander 0.92 build 565 and 573 allow user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) ZIP or (2) RAR archive. | ||||
| CVE-2009-1519 | 1 Pecio-cms | 1 Pecio Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Pecio CMS 1.1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter. | ||||
| CVE-2007-6322 | 1 Xml2owl | 1 Xml2owl | 2026-04-23 | N/A |
| Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-0465 | 1 Seagullproject.org | 1 Seagull | 2026-04-23 | N/A |
| Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter. | ||||
| CVE-2008-5997 | 1 Ocp2 | 1 Omnicom Content Platform | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in admin/fileKontrola/browser.asp in Omnicom Content Platform (OCP) 2.0 allows remote attackers to list arbitrary directories via a full pathname in the root parameter. | ||||
| CVE-2007-6404 | 2 Microsoft, Shttp | 2 Windows, Shttp | 2026-04-23 | N/A |
| Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. | ||||
| CVE-2009-1510 | 1 Koschtit | 1 Koschtit Image Gallery | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in KoschtIT Image Gallery 1.82 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the file parameter to (1) ki_makepic.php and (2) ki_nojsdisplayimage.php in ki_base/. | ||||
| CVE-2007-5174 | 1 Actsite | 1 Actsite | 2026-04-23 | N/A |
| Directory traversal vulnerability in phpinc/news.php in actSite 1.56 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the do parameter. | ||||
| CVE-2009-2037 | 1 Onlinegrades | 1 Online Grades | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) GLOBALS[SKIN] parameter to index.php and the (2) skin parameter to admin/admin.php. | ||||
| CVE-2008-6901 | 1 2532gigs | 1 2532gigs | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) settings.php, (2) deleteuser.php, (3) mini_calendar.php, (4) manage_venues.php, and (5) manage_gigs.php, a different vector than CVE-2007-4585. | ||||
| CVE-2007-4820 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter. | ||||
| CVE-2009-1502 | 1 Matteoiammarrone | 1 S-cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | ||||
| CVE-2007-6185 | 1 Eurologon | 1 Eurologon Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in users/files.php in Eurologon CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a download action, as demonstrated by a certain PHP file containing database credentials. | ||||
| CVE-2007-0205 | 1 Alexphpteam | 1 Alex Guestbook | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and earlier allows remote attackers to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for file inclusion by creating a skin file in the lang directory, then referencing that file via the lang parameter to index.php, which passes a sanity check in livre_include.php. | ||||
| CVE-2007-4058 | 1 Emc | 1 Vmware | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method. | ||||
| CVE-2009-4427 | 1 Phpldapadmin Project | 1 Phpldapadmin | 2026-04-23 | N/A |
| Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter. | ||||
| CVE-2008-0782 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter. | ||||
| CVE-2007-6214 | 1 Learnloop | 1 Learnloop | 2026-04-23 | N/A |
| Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the database. | ||||
| CVE-2009-1498 | 1 Idb | 1 Idb | 2026-04-23 | N/A |
| Directory traversal vulnerability in inc/profilemain.php in Game Maker 2k Internet Discussion Boards (iDB) 0.2.5 Pre-Alpha SVN 243 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter in a settings action to profile.php. | ||||