Export limit exceeded: 16384 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9141 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5819 | 1 Edreamers | 1 Ednews | 2026-04-23 | N/A |
| Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1558 | 1 Cisco | 1 Wvc54gca | 2026-04-23 | N/A |
| Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter. | ||||
| CVE-2008-3385 | 1 Linuxwebshop | 1 Php Help Agent | 2026-04-23 | N/A |
| Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
| CVE-2007-4843 | 1 X-diesel | 1 Unreal Commander | 2026-04-23 | N/A |
| Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2008-1409 | 1 Exero | 1 Exero Cms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in the Default theme in Exero CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme parameter to (1) index.php, (2) editpassword.php, and (3) avatar.php in usercp/; (4) custompage.php; (5) errors/404.php; (6) memberslist.php and (7) profile.php in members/; (8) index.php and (9) fullview.php in news/; and (10) nopermission.php. | ||||
| CVE-2008-4040 | 1 Kyocera Mita | 1 Fs 118mfp | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Kyocera Command Center in Kyocera FS-118MFP allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2008-0158 | 1 Shop-script | 1 Shop-script | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Shop-Script 2.0 and possibly other versions allows remote attackers to read arbitrary files via a .. (dot dot) in the aux_page parameter. | ||||
| CVE-2007-4062 | 1 Nessus | 1 Vulnerability Scanner | 2026-04-23 | N/A |
| The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via unspecified vectors involving the deleteNessusRC method, probably a directory traversal vulnerability. | ||||
| CVE-2008-3363 | 1 Dokeos | 1 E-learning System | 2026-04-23 | N/A |
| Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter. | ||||
| CVE-2008-3446 | 1 Letterit | 1 Letterit | 2026-04-23 | N/A |
| Directory traversal vulnerability in inc/wysiwyg.php in LetterIt 2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2008-4067 | 5 Canonical, Debian, Linux and 2 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2026-04-23 | N/A |
| Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a resource: URI. | ||||
| CVE-2007-5802 | 1 Firewolf Technologies | 1 Synergiser | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration. | ||||
| CVE-2008-4913 | 1 Lokicms | 1 Lokicms | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. (dot dot) in the delete parameter. | ||||
| CVE-2008-1352 | 1 Hangzhou Network Technology Development | 1 Ediorcms | 2026-04-23 | N/A |
| Directory traversal vulnerability in search.php in EdiorCMS (ecms) 3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the _SearchTemplate parameter during a Title search. | ||||
| CVE-2008-2459 | 1 Entertainmentscript | 1 Entertainmentscript | 2026-04-23 | N/A |
| Directory traversal vulnerability in page.php in EntertainmentScript 1.4.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | ||||
| CVE-2009-3151 | 1 Ultrize | 1 Timesheet | 2026-04-23 | N/A |
| Directory traversal vulnerability in actions/downloadFile.php in Ultrize TimeSheet 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter. | ||||
| CVE-2008-5856 | 1 Class | 1 Class | 2026-04-23 | N/A |
| Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter. | ||||
| CVE-2008-5861 | 1 Freelyrics | 1 Freelyrics | 2026-04-23 | N/A |
| Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read arbitrary files via directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1765 | 1 Pluck-cms | 1 Pluck | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langpref parameter to (1) data/modules/contactform/module_info.php, (2) data/modules/blog/module_info.php, and (3) data/modules/albums/module_info.php, different vectors than CVE-2008-3194. | ||||
| CVE-2007-4976 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter. | ||||