Total
5025 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-0157 | 2 Joomla, Joomlabiblestudy | 2 Joomla\!, Com Biblestudy | 2010-01-06 | 7.5 HIGH | N/A |
Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php. | |||||
CVE-2009-4434 | 1 Idevspot | 1 Isupport | 2009-12-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in index.php in IDevSpot iSupport 1.8 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter. | |||||
CVE-2009-4383 | 1 Rocomotion | 1 P Forum | 2009-12-23 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | |||||
CVE-2009-3792 | 1 Adobe | 1 Flash Media Server | 2009-12-21 | 10.0 HIGH | N/A |
Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors. | |||||
CVE-2009-4231 | 1 Basic-cms | 1 Sweetrice | 2009-12-08 | 7.5 HIGH | N/A |
Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter. | |||||
CVE-2009-4192 | 1 Interspire | 1 Knowledge Manager | 2009-12-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in dialog/file_manager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-4154 | 1 Elxis | 1 Elxis Cms | 2009-12-02 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||||
CVE-2009-4056 | 1 Betsy | 1 Betsy Cms | 2009-11-23 | 7.5 HIGH | N/A |
Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the popup parameter. | |||||
CVE-2009-4053 | 1 Downstairs.dnsalias | 1 Home Ftp Server | 2009-11-23 | 4.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (2) create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-4050 | 1 Phpmybackuppro | 1 Phpmybackuppro | 2009-11-23 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-3685 | 1 Emc | 1 Documentum Applicationxtender Workflow Manager | 2009-11-19 | 10.0 HIGH | N/A |
Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to upload arbitrary files, and execute arbitrary code, via directory traversal sequences in requests to TCP port 2606. | |||||
CVE-2009-3912 | 1 Tftgallery | 1 Tftgallery | 2009-11-09 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter. | |||||
CVE-2009-3693 | 2 Hp, Persits | 2 Loadrunner, Xupload | 2009-10-13 | 9.3 HIGH | N/A |
Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method. | |||||
CVE-2009-3538 | 1 Allisclear | 1 Clear Content | 2009-10-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in thumb.php in Clear Content 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-3284 | 1 Phpspot | 6 Php \& Css Bbs, Php Bbs, Php Bbs Ce and 3 more | 2009-09-23 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to read arbitrary files via unspecified vectors. | |||||
CVE-2009-3124 | 1 Ipmotor | 1 Quarkmail | 2009-09-09 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in get_message.cgi in QuarkMail allows remote attackers to read arbitrary files via a .. (dot dot) in the tf parameter. | |||||
CVE-2008-6505 | 1 Apache | 1 Struts | 2009-08-18 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x. | |||||
CVE-2009-2658 | 1 Znc | 1 Znc | 2009-08-11 | 7.5 HIGH | N/A |
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request. | |||||
CVE-2009-2659 | 1 Django Project | 1 Django | 2009-08-11 | 5.0 MEDIUM | N/A |
The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL. | |||||
CVE-2008-4454 | 1 Mysql Quick Admin | 1 Mysql Quick Admin | 2009-07-22 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |