Export limit exceeded: 344061 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8863 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4383 | 1 Rocomotion | 1 P Forum | 2025-04-09 | N/A |
| Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | ||||
| CVE-2009-4374 | 1 Alienvault | 1 Open Source Security Information Management | 2025-04-09 | N/A |
| Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to upload files into arbitrary directories via a .. (dot dot) in the id_document parameter. | ||||
| CVE-2007-4641 | 1 Pakupaku | 1 Pakupaku Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file. | ||||
| CVE-2007-4655 | 1 Cgi-rescue | 1 Shopping Basket Professional | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi. | ||||
| CVE-2007-4663 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. | ||||
| CVE-2006-6047 | 1 Etomite | 1 Etomite | 2025-04-09 | N/A |
| Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php. | ||||
| CVE-2009-4315 | 1 Nuggetz | 1 Nuggetz Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php file to execute arbitrary PHP code. | ||||
| CVE-2009-4261 | 1 Roman Marxer | 1 Ganeti | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in the iallocator framework in Ganeti 1.2.4 through 1.2.8, 2.0.0 through 2.0.4, and 2.1.0 before 2.1.0~rc2 allow (1) remote attackers to execute arbitrary programs via a crafted external script name supplied through the HTTP remote API (RAPI) and allow (2) local users to execute arbitrary programs and gain privileges via a crafted external script name supplied through a gnt-* command, related to "path sanitization errors." | ||||
| CVE-2007-4683 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory. | ||||
| CVE-2007-4709 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| Directory traversal vulnerability in CFNetwork in Apple Mac OS X 10.5.1 allows remote attackers to overwrite arbitrary files via a crafted HTTP response. | ||||
| CVE-2007-4718 | 1 Claroline | 1 Claroline | 2025-04-09 | N/A |
| Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2007-4723 | 2 Apache, Ragnarok Online Control Panel Project | 2 Http Server, Ragnarok Online Control Panel | 2025-04-09 | N/A |
| Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page. | ||||
| CVE-2007-4726 | 1 Weboddity | 1 Weboddity | 2025-04-09 | N/A |
| Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2009-4231 | 1 Basic-cms | 1 Sweetrice | 2025-04-09 | N/A |
| Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter. | ||||
| CVE-2007-6397 | 1 Flat Php | 1 Board | 2025-04-09 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to (1) create arbitrary files via a .. (dot dot) in the username parameter when registering a user account, and (2) read arbitrary PHP files via a .. (dot dot) in (a) the topic parameter in a topic action or (b) the username parameter in a viewprofile action. | ||||
| CVE-2007-6400 | 1 Poldoc | 1 Poldoc Document Management System | 2025-04-09 | N/A |
| Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter. | ||||
| CVE-2007-6404 | 2 Microsoft, Shttp | 2 Windows, Shttp | 2025-04-09 | N/A |
| Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. | ||||
| CVE-2007-6453 | 1 Raiden Professional Servers | 1 Raidenhttpd | 2025-04-09 | N/A |
| Directory traversal vulnerability in raidenhttpd-admin/workspace.php in RaidenHTTPD 2.0.19, when the WebAdmin function is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ulang parameter. | ||||
| CVE-2009-4216 | 1 Klinza | 1 Klinza Professional Cms | 2025-04-09 | N/A |
| Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter. | ||||
| CVE-2009-4205 | 1 Ringsworld | 1 Flashlight Free Edition | 2025-04-09 | N/A |
| Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | ||||