Total
6472 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-0758 | 1 Group Logic | 2 Extremez-ip File Server, Extremez-ip Print Server | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in the Zidget/HTTP embedded HTTP server in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier allow remote attackers to read arbitrary (1) gif, (2) png, (3) jpg, (4) xml, (5) ico, (6) zip, and (7) html files via a "..\" (dot dot backslash) sequence in the filename. | ||||
CVE-2008-0742 | 1 Powerscripts | 1 Powernews | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. (dot dot) in the (1) subpage parameter in (a) categories.inc.php, (b) news.inc.php, (c) other.inc.php, (d) permissions.inc.php, (e) templates.inc.php, and (f) users.inc.php in pnadmin/; and (2) the page parameter to (g) pnadmin/index.php. NOTE: vector 2 is only exploitable by administrators. | ||||
CVE-2008-0760 | 1 Safenet | 2 Sentinel Keys Server, Sentinel Protection Server | 2024-08-07 | N/A |
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483. | ||||
CVE-2008-0745 | 1 Domphp | 1 Domphp | 2024-08-07 | N/A |
Directory traversal vulnerability in aides/index.php in DomPHP 0.82 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
CVE-2008-0654 | 1 Azucar Cms | 1 Azucar Cms | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in Azucar CMS 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _VIEW (view) parameter to (1) index.php, (2) html/sitio/index.php, or (3) src/sistema/vistas/template/tpl_inicio.php. | ||||
CVE-2008-0615 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2024-08-07 | N/A |
Directory traversal vulnerability in wp-admin/admin.php in the DMSGuestbook 1.8.0 and 1.7.0 plugin for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) folder and (2) file parameters. | ||||
CVE-2008-0602 | 1 All Club Cms | 1 All Club Cms | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter. | ||||
CVE-2008-0703 | 1 Sflog | 1 Sflog | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) permalink or (2) section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php. | ||||
CVE-2008-0609 | 1 Divideconcept | 1 Vhd Web Pack | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in DivideConcept VHD Web Pack 2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
CVE-2008-0612 | 1 Xoops | 1 Xoops | 2024-08-07 | N/A |
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
CVE-2008-0396 | 1 Bitdefender | 1 Update Server | 2024-08-07 | N/A |
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request. | ||||
CVE-2008-0479 | 1 Web Wiz | 1 Newspad | 2024-08-07 | N/A |
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz NewsPad 1.02 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter. | ||||
CVE-2008-0488 | 1 Vb Marketing | 1 Vb Marketing | 2024-08-07 | N/A |
Directory traversal vulnerability in tseekdir.cgi in VB Marketing allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the location parameter. | ||||
CVE-2008-0458 | 1 Slaed | 1 Slaed Cms | 2024-08-07 | N/A |
Directory traversal vulnerability in function/sources.php in SLAED CMS 2.5 Lite allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlang parameter to index.php. | ||||
CVE-2008-0513 | 1 Phpcms | 1 Phpcms | 2024-08-07 | N/A |
Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector than CVE-2005-1840. | ||||
CVE-2008-0545 | 1 Bubbling Library | 1 Bubbling Library | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) uri parameter to (a) yui-menu.tpl.php, (b) simple.tpl.php, and (c) advanced.tpl.php in dispatcher/framework/; and the (2) page parameter to (d) yui-menu.php, (e) simple.php, and (f) advanced.php in dispatcher/framework/, different vectors than CVE-2008-0521. | ||||
CVE-2008-0501 | 1 Sourceforge | 1 Phpmyclub | 2024-08-07 | N/A |
Directory traversal vulnerability in phpMyClub 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page_courante parameter to the top-level URI. | ||||
CVE-2008-0478 | 1 Setcms | 1 Setcms | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in SetCMS 3.6.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the set parameter, as demonstrated by sending a certain CLIENT_IP HTTP header in an enter action to index.php, and injecting PHP sequences into files/enter.set, which is then included by index.php. | ||||
CVE-2008-0559 | 1 Nilsons Blogger | 1 Nilsons Blogger | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in comments.php. | ||||
CVE-2008-0465 | 1 Seagullproject.org | 1 Seagull | 2024-08-07 | N/A |
Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter. |