Total
6537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3371 | 1 Talkback | 1 Talkback | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | |||||
| CVE-2008-3365 | 2 Microsoft, Pixelpost | 7 Windows, Windows-nt, Windows 2000 and 4 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter. | |||||
| CVE-2008-3363 | 1 Dokeos | 1 E-learning System | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter. | |||||
| CVE-2008-3333 | 1 Mantis | 1 Mantis | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in core/lang_api.php in Mantis before 1.1.2 allows remote attackers to include and execute arbitrary files via the language parameter to the user preferences page (account_prefs_update.php). | |||||
| CVE-2008-3312 | 1 Lemoncms | 1 Lemon Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in lemon_includes/FCKeditor/editor/filemanager/browser/browser.php in Lemon CMS 1.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be an issue in FCKeditor. | |||||
| CVE-2008-3296 | 1 Xoops | 1 Xoops | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in modules/system/admin.php in XOOPS 2.0.18 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3293 | 1 Ezwebalbum | 1 Ezwebalbum | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in EZWebAlbum allows remote attackers to read arbitrary files via the dlfilename parameter. | |||||
| CVE-2008-3277 | 2 Openfabrics, Redhat | 2 Ibutils, Enterprise Linux | 2024-11-21 | 4.4 MEDIUM | N/A |
| Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header. | |||||
| CVE-2008-3205 | 1 Easy-script | 1 Wysi Wiki Wyg | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. | |||||
| CVE-2008-3195 | 1 Twiki | 1 Twiki | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors. | |||||
| CVE-2008-3194 | 1 Pluck | 1 Pluck | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in data/inc/themes/predefined_variables.php in pluck 4.5.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) langpref, (2) file, (3) blogpost, or (4) cat parameter. | |||||
| CVE-2008-3192 | 1 Sclek | 1 Jsite | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | |||||
| CVE-2008-3190 | 1 1scripts | 1 Codedb | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2008-3179 | 1 W2b | 1 Phpdatingclub | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-3165 | 1 Fuzzylime | 1 Fuzzylime Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805. | |||||
| CVE-2008-3164 | 1 Fuzzylime | 1 Fuzzylime Cms | 2024-11-21 | 7.6 HIGH | N/A |
| Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter. NOTE: it was later reported that 3.01a is also affected. | |||||
| CVE-2008-3163 | 1 Regretless | 1 Dodos Mail | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3150 | 1 Neutrino-cms | 1 Atomic Edition | 2024-11-21 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attackers to read and modify files, as demonstrated by manipulating data/sess.php in (1) usb and (2) del_pag actions. NOTE: this can be leveraged for code execution by performing an upload that bypasses the intended access restrictions that were implemented in sess.php. | |||||
| CVE-2008-3149 | 1 F5 | 1 Firepass 1200 | 2024-11-21 | 7.8 HIGH | N/A |
| The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote attackers to cause a denial of service (daemon crash) by walking the hrSWInstalled OID branch in HOST-RESOURCES-MIB. | |||||
| CVE-2008-3128 | 1 Pivot | 1 Pivot | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter. | |||||