Total
6541 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0442 | 1 Phpbbbook | 1 Phpbbbook | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in bbcode.php in PHPbbBook 1.3 and 1.3h allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter. | |||||
| CVE-2009-0423 | 1 Kevin Walker | 1 Php Photo Album | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the preview parameter. | |||||
| CVE-2009-0392 | 1 Motorola | 1 Cpei300 | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2009-0371 | 1 Sitexs Cms | 1 Sitexs Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the type parameter. | |||||
| CVE-2009-0340 | 1 Quirm | 1 Simple Php Newsletter | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php. | |||||
| CVE-2009-0331 | 1 Quirm | 1 Espg | 2024-11-21 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as a vulnerability in ESPG. | |||||
| CVE-2009-0330 | 1 Wss-pro | 1 Scms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | |||||
| CVE-2009-0325 | 1 Ninjadesigns | 1 Ninja Blog | 2024-11-21 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in entries/index.php in Ninja Blog 4.8, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter. | |||||
| CVE-2009-0291 | 1 Openx | 1 Openx | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter. | |||||
| CVE-2009-0290 | 1 Sir | 1 Gnuboard | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the g4_path parameter. NOTE: in some environments, this can be leveraged for remote code execution via a data: URI or a UNC share pathname. | |||||
| CVE-2009-0288 | 1 Windows Tftp Utility | 1 Tftputil | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to read arbitrary files outside the TFTP root directory via directory traversal sequences in a GET request. | |||||
| CVE-2009-0286 | 1 Opengoo | 1 Opengoo | 2024-11-21 | 2.6 LOW | N/A |
| Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter. | |||||
| CVE-2009-0271 | 1 Fujitsu | 1 Systemcastwizard Lite | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | |||||
| CVE-2009-0244 | 1 Microsoft | 1 Windows Mobile | 2024-11-21 | 8.5 HIGH | 8.8 HIGH |
| Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2009-0113 | 1 Joomla | 2 Joomla, Xstandard | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header. | |||||
| CVE-2008-7262 | 1 G.rodola | 1 Pyftpdlib | 2024-11-21 | 6.5 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a pathname to a (1) CWD, (2) DELE, (3) STOR, or (4) RETR command. | |||||
| CVE-2008-7254 | 1 Ermenegildo Fiorito | 1 Irmin Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the _Root_Path parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-7240 | 1 Linuxwebshop | 1 Php User Base | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter. | |||||
| CVE-2008-7178 | 1 Xoops | 2 Uploader, Xoops | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php. | |||||
| CVE-2008-7176 | 1 Celina Jorge | 1 Facil Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php. | |||||