Total
6472 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-0542 | 1 Gerd Tentler | 1 Simple Forum | 2024-08-07 | N/A |
Directory traversal vulnerability in thumbnail.php in Gerd Tentler Simple Forum 3.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
CVE-2008-0489 | 1 Clansphere | 1 Clansphere | 2024-08-07 | N/A |
Directory traversal vulnerability in install.php in Clansphere 2007.4.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
CVE-2008-0480 | 1 Web Wiz | 1 Web Wiz Forums | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and earlier allow remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter to (1) RTE_file_browser.asp or (2) file_browser.asp. | ||||
CVE-2008-0521 | 1 Bubbling Library | 1 Bubbling Library | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to read arbitrary files via a .. (dot dot) in the uri parameter to dispatcher.php in (1) examples/dispatcher/framework/, (2) examples/dispatcher/, (3) examples/wizard/, and (4) PHP/, different vectors than CVE-2008-0545. | ||||
CVE-2008-0481 | 1 Web Wiz | 1 Rich Text Editor | 2024-08-07 | N/A |
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter in a save action. | ||||
CVE-2008-0464 | 1 Absofort | 1 Aconon Mail Enterprise Sql | 2024-08-07 | N/A |
Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
CVE-2008-0459 | 1 Liquidsilvercms | 1 Liquidsilvercms | 2024-08-07 | N/A |
Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the update parameter. | ||||
CVE-2008-0431 | 1 Idmos | 1 Idmos Cms | 2024-08-07 | N/A |
Directory traversal vulnerability in administrator/download.php in IDMOS (aka Phoenix) 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter. | ||||
CVE-2008-0452 | 1 Siteman | 1 Siteman | 2024-08-07 | N/A |
Directory traversal vulnerability in articles.php in Siteman 1.1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the cat parameter in a viewart action. | ||||
CVE-2008-0427 | 1 Bloo | 1 Bloofoxcms | 2024-08-07 | N/A |
Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
CVE-2008-0418 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2024-08-07 | N/A |
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js. | ||||
CVE-2008-0405 | 1 Hfs | 1 Http File Server | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) before 2.2c, when account names are used as log filenames, allow remote attackers to create arbitrary (1) files and (2) directories via a .. (dot dot) in an account name, when requesting the / URI; and (3) append arbitrary data to a file via a .. (dot dot) in an account name, when requesting a URI composed of a "/?%0a" sequence followed by the data. | ||||
CVE-2008-0435 | 1 Ozjournals | 1 Ozjournals | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in OZJournals 2.1.1 allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the id parameter in a printpreview action. | ||||
CVE-2008-0393 | 1 Gradman | 1 Gradman | 2024-08-07 | N/A |
Directory traversal vulnerability in info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter, a different vector than CVE-2008-0361. | ||||
CVE-2008-0357 | 1 Galaxyscripts | 1 Mini File Host | 2024-08-07 | N/A |
Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | ||||
CVE-2008-0333 | 1 Afterlogic | 1 Mailbee Webmail Pro | 2024-08-07 | N/A |
Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro 4.1 for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the temp_filename parameter. | ||||
CVE-2008-0338 | 1 Miniweb Http Server | 1 Miniweb Http Server | 2024-08-07 | N/A |
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI. | ||||
CVE-2008-0361 | 1 Instituto Politicnico Nacional | 1 Gradman | 2024-08-07 | N/A |
Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabla parameter. | ||||
CVE-2008-0332 | 1 Aria | 1 Aria | 2024-08-07 | N/A |
Directory traversal vulnerability in arias/help/effect.php in aria 0.99-6 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | ||||
CVE-2008-0194 | 1 Wordpress | 1 Wordpress | 2024-08-07 | N/A |
Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1. |