Search
Total
1863 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2047 | 1 Cisco | 6 Crs, Customer Response Applications, Ip Qm and 3 more | 2017-08-17 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors. | |||||
| CVE-2009-2007 | 1 Dokeos | 1 Dokeos | 2017-08-17 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to (1) read portions of arbitrary files via a .. (dot dot) and a ..\ (dot dot backslash) in the lang parameter to main/exercice/hotspot_lang_conversion.php and (2) read arbitrary files via a .. (dot dot) in the doc_url parameter to main/exercice/Hpdownload.php. | |||||
| CVE-2009-1737 | 1 Diqiye | 1 Mypic | 2017-08-17 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in bom.php in MyPic 2.1 allows remote attackers to list files in arbitrary directories via a .. (dot dot) in the dir parameter. | |||||
| CVE-2009-2444 | 1 Adbnewssender | 1 Adbnewssender | 2017-08-17 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php. | |||||
| CVE-2009-1559 | 1 Cisco | 1 Wvc54gca | 2017-08-17 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a .. (dot dot) is probably also possible. | |||||
| CVE-2009-1558 | 1 Cisco | 1 Wvc54gca | 2017-08-17 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter. | |||||
| CVE-2009-0929 | 1 Nucleus Group | 1 Nucleus Cms | 2017-08-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the media manager in Nucleus CMS before 3.40 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2008-6273 | 1 Myktools | 1 Myktools | 2017-08-17 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in configuration_script.php in MyKtools 3.0 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the langage parameter, a different vulnerability than CVE-2008-4781. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-0729 | 1 Lingx | 1 Page Engine Cms | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6126 | 1 Mozilo | 1 Mozilocms | 2017-08-17 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to download.php and the (2) page parameter to index.php, a different vector than CVE-2008-3589. | |||||
| CVE-2008-6786 | 1 Codewiz | 1 Geekigeeki | 2017-08-17 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote attackers to read arbitrary files via directory traversal sequences in a pagename argument in the (1) handle_edit and (2) handle_raw functions. | |||||
| CVE-2008-6630 | 1 Typo3 | 2 Typo3, Wt Gallery | 2017-08-17 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors. | |||||
| CVE-2008-7093 | 1 Unica | 1 Affinium Campaign | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to Campaign/CampaignListener. | |||||
| CVE-2001-1586 | 1 Analogx | 1 Simpleserver Www | 2017-08-17 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier allows remote attackers to execute arbitrary programs via encoded ../ ("%2E%2E%2F%") sequences in a request to the cgi-bin/ directory, a different vulnerability than CVE-2000-0664. | |||||
| CVE-2008-6610 | 1 Ott | 1 Phpcksec | 2017-08-17 | 6.4 MEDIUM | N/A |
| Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parameter. | |||||
| CVE-2008-6424 | 1 Jun Sota | 1 Ffftp | 2017-08-17 | 8.8 HIGH | N/A |
| Directory traversal vulnerability in FFFTP 1.96b allows remote FTP servers to create or overwrite arbitrary files via a response to an FTP LIST command with a filename that contains a .. (dot dot). | |||||
| CVE-2008-6516 | 1 Phpkf | 1 Phpkf-portal | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6129 | 1 Mozilo | 1 Mozilowiki | 2017-08-17 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-5275 | 1 Net2ftp | 1 Net2ftp | 2017-08-08 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in the (a) "Unzip archive" and (b) "Upload files and archives" functionality in net2ftp 0.96 stable and 0.97 beta allow remote attackers to create, read, or delete arbitrary files via a .. (dot dot) in a filename within a (1) TAR or (2) ZIP archive. NOTE: this can be leveraged for code execution by creating a .php file. | |||||
| CVE-2008-5943 | 1 Navboard | 1 Navboard | 2017-08-08 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to (1) admin_modules.php and (2) modules.php. | |||||
| CVE-2008-5301 | 1 Dovecot | 1 Dovecot | 2017-08-08 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name. | |||||
| CVE-2008-5723 | 1 Cgi-rescue | 2 Kannibbs2000, Kannibbs2000i | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2008-5867 | 1 Yerba | 1 Yerba | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Yerba SACphp 6.3 allows remote attackers to read arbitrary files, and possibly have other impact, via directory traversal sequences in the mod field contained in the base64-encoded SID parameter to an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-5997 | 1 Ocp2 | 1 Omnicom Content Platform | 2017-08-08 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in admin/fileKontrola/browser.asp in Omnicom Content Platform (OCP) 2.0 allows remote attackers to list arbitrary directories via a full pathname in the root parameter. | |||||
| CVE-2008-5645 | 1 Orb Networks | 1 Orb | 2017-08-08 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the media server in Orb Networks Orb before 2.01.0022 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP GET request. | |||||
| CVE-2008-5175 | 1 Visicommedia | 1 Aceftp | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | |||||
| CVE-2008-5207 | 1 Jonascms | 1 Jonascms | 2017-08-08 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Jonascms 1.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the taal parameter to (1) backup.php and (2) gb_voegtoe.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3723 | 1 Phpizabi | 1 Phpizabi | 2017-08-08 | 6.3 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PHPizabi 0.848b C1 HFP3 allows remote authenticated administrators to read arbitrary files via (1) a .. (dot dot), (2) a URL, or possibly (3) a full pathname in the id parameter in an admin.templates.edittemplate action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3776 | 1 Fujitsu | 1 Web Based Admin View | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2008-4797 | 1 Arihiro Kurta | 1 Kantan Web Server | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Arihiro Kurata Kantan WEB Server 1.8 and earlier allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2008-4040 | 1 Kyocera Mita | 1 Fs 118mfp | 2017-08-08 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the Kyocera Command Center in Kyocera FS-118MFP allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2008-4129 | 1 Gallery | 1 Gallery | 2017-08-08 | 4.0 MEDIUM | N/A |
| Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality. | |||||
| CVE-2008-4437 | 1 Mozilla | 1 Bugzilla | 2017-08-08 | 7.1 HIGH | N/A |
| Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a .. (dot dot) in the data element. | |||||
| CVE-2008-4489 | 1 Atarone | 1 Atarone | 2017-08-08 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3677 | 1 Openfreeway | 1 Freeway | 2017-08-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors. | |||||
| CVE-2008-4499 | 1 Php Web Explorer | 1 Php Web Explorer Lite | 2017-08-08 | 9.3 HIGH | N/A |
| Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php. | |||||
| CVE-2008-4769 | 1 Wordpress | 1 Wordpress | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3710 | 1 Hotscripts | 1 Cyboards Php Lite | 2017-08-08 | 5.1 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path parameter to (a) options.php and the (2) lang_code parameter to (b) copy_vip.php and (c) process_edit_board.php in adminopts/. NOTE: some of these vectors might not be vulnerabilities under proper installation. | |||||
| CVE-2008-2415 | 1 Digitalhive | 1 Digitalhive | 2017-08-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in template/purpletech/base_include.php in DigitalHive (aka hive) 2.0 RC2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-3312 | 1 Lemoncms | 1 Lemon Cms | 2017-08-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in lemon_includes/FCKeditor/editor/filemanager/browser/browser.php in Lemon CMS 1.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be an issue in FCKeditor. | |||||
| CVE-2008-2795 | 1 Idm Computer Solutions Inc | 1 Ultraedit | 2017-08-08 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdit 14.00b allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) or a ..\ (dot dot backslash) in a response to a LIST command. | |||||
| CVE-2008-2894 | 1 Nch Software | 1 Nch Software Classic Ftp | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | |||||
| CVE-2008-2512 | 1 Symantec | 1 Backupexec System Recovery | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2008-3296 | 1 Xoops | 1 Xoops | 2017-08-08 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in modules/system/admin.php in XOOPS 2.0.18 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2635 | 1 Barad Dur | 1 Bitkinex | 2017-08-08 | 9.3 HIGH | N/A |
| Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. (dot dot) in (1) a response to a LIST command from the BitKinex FTP client and (2) a response to a PROPFIND command from the BitKinex WebDAV client. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2008-2399 | 2 Fireftp, Mozilla | 2 Fireftp, Firefox | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2008-2403 | 1 Sun | 1 Java Asp Server | 2017-08-08 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method. | |||||
| CVE-2008-2779 | 1 Globalscape | 1 Cuteftp | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2008-3163 | 1 Regretless | 1 Dodos Mail | 2017-08-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2821 | 2 Glub, Microsoft | 2 Secure Ftp, Windows Nt | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345. | |||||