Total
6541 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0766 | 1 Bookelves | 1 Kipper | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0765 | 1 Bookelves | 1 Kipper | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the configfile parameter. | |||||
| CVE-2009-0753 | 1 Mldonkey | 1 Mldonkey | 2024-11-21 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" (double slash) in the filename. | |||||
| CVE-2009-0735 | 1 Papoo | 1 Papoo | 2024-11-21 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read and possibly execute arbitrary files via a .. (dot dot) in the pfadhier parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0731 | 1 Freearcadescript | 1 Free Arcade Script | 2024-11-21 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter. | |||||
| CVE-2009-0729 | 1 Lingx | 1 Page Engine Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0722 | 1 Potato-scripts | 1 Potato News | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the user cookie parameter. | |||||
| CVE-2009-0680 | 1 Netgear | 1 Ssl312 | 2024-11-21 | 7.8 HIGH | N/A |
| cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences. | |||||
| CVE-2009-0645 | 1 Jaws | 1 Jaws | 2024-11-21 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445. | |||||
| CVE-2009-0640 | 1 Swannsecurity | 1 Dvr4-securanet | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by reading the vy_netman.cfg file that contains passwords. | |||||
| CVE-2009-0615 | 1 Cisco | 2 Application Control Engine Device Manager, Application Networking Manager | 2024-11-21 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions." | |||||
| CVE-2009-0596 | 1 Phpskelsite | 1 Phpskelsite | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter. | |||||
| CVE-2009-0592 | 1 Pnphpbb | 1 Pnphpbb2 | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4) admin_ranks.php, (5) admin_styles.php, and (6) admin_users.php in admin/. | |||||
| CVE-2009-0570 | 1 Ninjadesigns | 1 Mailist | 2024-11-21 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0535 | 1 Extrosoft | 1 Thyme | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the export_to parameter. | |||||
| CVE-2009-0515 | 1 Yanocc | 1 Yanocc | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2009-0514 | 1 Webframe | 1 Webframe | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) currentmod and (2) LANG parameters to mod/index.php. | |||||
| CVE-2009-0497 | 1 Igniterealtime | 1 Openfire | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the log parameter. | |||||
| CVE-2009-0457 | 1 Magtrb | 1 Aja Portal | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module. | |||||
| CVE-2009-0448 | 1 Syntax Desktop | 1 Syntax Desktop | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter. | |||||