Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0944 | 2 Joomla, Thorsten Riess | 2 Joomla\!, Com Jcollection | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-0953 | 1 Phpcoin | 1 Phpcoin | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter. | |||||
| CVE-2010-0957 | 1 Saskia Bruckner | 1 Saskias Shopsystem | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter. | |||||
| CVE-2010-0967 | 1 Geekhelps | 1 Admp | 2017-08-16 | 5.1 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-green/footer.php, (3) default-orange/footer.php, and (4) default/footer.php in themes/. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0972 | 2 G4j.laoneo, Joomla | 2 Com Gcalendar, Joomla\! | 2017-08-16 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-1056 | 2 Joomla, Rockettheme | 2 Joomla\!, Com Rokdownloads | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-1057 | 1 Phpkobo | 1 Adfreely | 2017-08-16 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a ..// (dot dot slash slash) in the LANG_CODE parameter to common.inc.php in (1) codelib/cfg/, (2) codelib/sys/, (3) staff/, and (4) staff/app/; and (5) staff/file.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1058 | 1 Phpkobo | 1 Address Book Script | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in codelib/cfg/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. | |||||
| CVE-2010-1077 | 2 Vbseo, Vbulletin | 2 Vbseo, Vbulletin | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter. | |||||
| CVE-2010-1110 | 1 Djayp | 1 Phpmysport | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in phpMySport 1.4 allows remote attackers to list arbitrary directories via a .. (dot dot) in the current_folder parameter. | |||||
| CVE-2010-1115 | 1 Comscripts | 1 Web Server Creator Web Portal | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. | |||||
| CVE-2009-3123 | 1 Visavi | 1 Wap-motor | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in gallery/gallery.php in Wap-Motor before 18.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the image parameter. | |||||
| CVE-2009-3211 | 1 Dimofinf | 1 Infinity Script | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI. | |||||
| CVE-2009-3542 | 1 Kneuro | 1 Littlesite.php | 2017-08-16 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in ls.php in LittleSite (aka LS or LittleSite.php) 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to index.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | |||||
| CVE-2009-3694 | 1 Jdtmmsm | 1 Ezrecipe-zee | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter. | |||||
| CVE-2009-3902 | 2 Cherokee, Microsoft | 2 Cherokee Httpd, Windows | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cherokee Web Server 0.5.4 and earlier for Windows allows remote attackers to read arbitrary files via a /\.. (slash backslash dot dot) in the URL. | |||||
| CVE-2009-4088 | 1 Telepark | 1 Telepark.wiki | 2017-08-16 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the (3) group parameter to upload.php. | |||||
| CVE-2009-4194 | 1 Kmint21 | 1 Golden Ftp Server | 2017-08-16 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in Golden FTP Server 4.30 Free and Professional, 4.50, and possibly other versions allows remote authenticated users to delete arbitrary files via a .. (dot dot) in the DELE command. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4216 | 1 Klinza | 1 Klinza Professional Cms | 2017-08-16 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter. | |||||
| CVE-2009-4315 | 1 Nuggetz | 1 Nuggetz Cms | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php file to execute arbitrary PHP code. | |||||