Total
6537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3087 | 1 Kasseler-cms | 1 Kasseler Cms | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to index.php, possibly related to the phpManual module. | |||||
| CVE-2008-3071 | 1 Mybb | 1 Mybb | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable. | |||||
| CVE-2008-3036 | 1 Cms Little | 1 Cms Little | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter. | |||||
| CVE-2008-3031 | 1 Simple Php Agenda | 1 Simple Php Agenda | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-2993 | 1 Fog | 1 Fog Forum | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in index.php in FOG Forum 0.8.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) fog_lang and (2) fog_skin parameters, probably related to libs/required/share.inc; and possibly the (3) fog_pseudo, (4) fog_posted, (5) fog_password, and (6) fog_cook parameters. | |||||
| CVE-2008-2985 | 1 Cmreams | 1 Cmreams Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page_language parameter. | |||||
| CVE-2008-2982 | 1 Homeph Design | 1 Homeph Design | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/template_thumbnail.php, and the (2) language parameter to (b) account/account.php, (c) downloads/downloads.php, (d) forum/forum.php, (e) fotogalerie/delete.php, and (f) fotogalerie/fotogalerie.php in admin/features/. | |||||
| CVE-2008-2978 | 1 Ourvideocms | 1 Ourvideo Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter. | |||||
| CVE-2008-2976 | 1 Tinx Cms | 1 Tinx Cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) language parameter to (a) include_me.php, (b) admin/ajax.php, and (c) admin/objects/catalog.ajaxhandler.php; and the (2) prefix parameter to (d) admin/inc/config.php. | |||||
| CVE-2008-2974 | 1 Mm Chat | 1 Mm Chat | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter. | |||||
| CVE-2008-2969 | 1 Yektaweb | 1 Academic Web Tools | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the dfile parameter. | |||||
| CVE-2008-2966 | 1 Jaxultrabb | 1 Jaxultrabb | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. party information. | |||||
| CVE-2008-2961 | 1 Cmsmini | 1 Cms Mini | 2024-11-21 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) path and (2) p parameter. | |||||
| CVE-2008-2942 | 1 Mercurial | 1 Mercurial | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file. | |||||
| CVE-2008-2938 | 1 Apache | 1 Tomcat | 2024-11-21 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version. | |||||
| CVE-2008-2913 | 1 Devalcms | 1 Devalcms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php. | |||||
| CVE-2008-2898 | 1 Hedgehog-cms | 1 Hedgehog-cms | 2024-11-21 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in includes/header.php in Hedgehog-CMS 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the c_temp_path parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
| CVE-2008-2896 | 1 Getfireant | 1 Fireant | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-2895 | 1 Aprox | 1 Aproxengine | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-2894 | 1 Nch Software | 1 Nch Software Classic Ftp | 2024-11-21 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | |||||