Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5598 | 1 Phpmygallery | 1 Phpmygallery | 2017-09-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to list arbitrary directories via a .. (dot dot) in the group parameter. | |||||
| CVE-2008-5604 | 1 Drennansoft | 1 My Simple Forum | 2017-09-28 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | |||||
| CVE-2008-5639 | 1 Txtblogcms | 1 Txtblog | 2017-09-28 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha allows remote attackers to read arbitrary files via a .. (dot dot) in the m parameter. | |||||
| CVE-2008-5642 | 1 Cmsmadesimple | 1 Cms Made Simple | 2017-09-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie. | |||||
| CVE-2008-5919 | 1 Tigris | 1 Websvn | 2017-09-28 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter. | |||||
| CVE-2008-5728 | 1 Netcat | 1 Netcat | 2017-09-28 | 5.1 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the system parameter in modules/netshop/post.php; and the INCLUDE_FOLDER parameter in (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.php, and (5) forum.inc.php in modules/. | |||||
| CVE-2008-5752 | 1 Wordpress | 2 Page Flip Image Gallery Plugin, Wordpress | 2017-09-28 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and earlier for WordPress, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the book_id parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5748 | 1 Bloofox | 1 Bloofoxcms | 2017-09-28 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters. | |||||
| CVE-2008-5771 | 1 Phpweather | 1 Phpweather | 2017-09-28 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | |||||
| CVE-2008-5776 | 1 Apertoblog | 1 Apertoblog | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) action parameter to admin.php and the (2) get parameter to index.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
| CVE-2008-5794 | 1 Lovecms | 1 Lovecms | 2017-09-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in system/admin/images.php in LoveCMS 1.6.2 Final allows remote attackers to delete arbitrary files via a .. (dot dot) in the delete parameter. | |||||
| CVE-2008-5819 | 1 Edreamers | 1 Ednews | 2017-09-28 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5818 | 1 Edreamers | 1 Edcontainer | 2017-09-28 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in eDreamers eDContainer 2.22, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5856 | 1 Class | 1 Class | 2017-09-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter. | |||||
| CVE-2008-5965 | 1 Lokicms | 1 Lokicms | 2017-09-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to check for the existence of arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-5860 | 1 Constructr | 1 Constructr-cms | 2017-09-28 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the edit_file parameter. | |||||
| CVE-2008-5861 | 1 Freelyrics | 1 Freelyrics | 2017-09-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read arbitrary files via directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5862 | 1 Webcamxp | 1 Webcamxp | 2017-09-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI. | |||||
| CVE-2008-5878 | 1 Phpclanwebsite | 1 Phpclanwebsite | 2017-09-28 | 5.1 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the (1) boxname parameter to theme/superchrome/box.php and the (2) theme parameter to phpclanwebsite/footer.php. | |||||
| CVE-2008-5881 | 1 Playsms | 1 Playsms | 2017-09-28 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to plugin/themes/default/init.php. | |||||