Total
6472 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-2902 | 2 Apache, Redhat | 5 Tomcat, Certificate System, Enterprise Linux and 2 more | 2024-08-07 | N/A |
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename. | ||||
CVE-2009-2784 | 1 Ditcms | 1 Dit.cms | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in dit.cms 1.3, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path parameter to index.php in (1) install/, (2) menus/left_rightslideopen/, (3) menus/side_pullout/, (4) menus/side_slideopen/, (5) menus/simple/, (6) menus/top_dropdown/, and (7) menus/topside/; the sitemap parameter to index.php in (8) menus/left_rightslideopen/, (9) menus/side_pullout/, (10) menus/side_slideopen/, (11) menus/top_dropdown/, and (12) menus/topside/; and the (13) relPath parameter to index/index.php. NOTE: PHP remote file inclusion vulnerabilities reportedly also exist for some of these vectors. | ||||
CVE-2009-2787 | 2 Punbb, Reputation | 2 Punbb, Reputation | 2024-08-07 | N/A |
Directory traversal vulnerability in include/reputation/rep_profile.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter. | ||||
CVE-2009-2792 | 1 Joshua Oliver | 1 Really Simple Cms | 2024-08-07 | N/A |
Directory traversal vulnerability in plugings/pagecontent.php in Really Simple CMS (RSCMS) 0.3a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PT parameter. | ||||
CVE-2009-2600 | 1 Akiva | 1 Webboard | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in view.php in Webboard 2.90 beta and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the topic parameter. | ||||
CVE-2009-2659 | 1 Django Project | 1 Django | 2024-08-07 | N/A |
The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL. | ||||
CVE-2009-2693 | 2 Apache, Redhat | 5 Tomcat, Certificate System, Enterprise Linux and 2 more | 2024-08-07 | N/A |
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry. | ||||
CVE-2009-2658 | 1 Znc | 1 Znc | 2024-08-07 | N/A |
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request. | ||||
CVE-2009-2611 | 1 Gander | 1 Myfusion | 2024-08-07 | N/A |
Directory traversal vulnerability in infusions/last_seen_users_panel/last_seen_users_panel.php in MyFusion (aka MyF) 6 Beta, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter. | ||||
CVE-2009-2557 | 1 Adminnewstools | 1 Admin News Tools | 2024-08-07 | N/A |
Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter. | ||||
CVE-2009-2552 | 1 Supersimple | 1 Super Simple Blog Script | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter. | ||||
CVE-2009-2544 | 2 Marcelo Costa, Microsoft | 3 Fileserver, Messenger Plus\! Live, Windows Live Messenger | 2024-08-07 | N/A |
Directory traversal vulnerability in the Marcelo Costa FileServer component 1.0 for Microsoft Windows Live Messenger and Messenger Plus! Live (MPL) allows remote authenticated users to list arbitrary directories and read arbitrary files via a .. (dot dot) in a pathname. | ||||
CVE-2009-2546 | 1 Anelectron | 1 Advanced Electron Forum | 2024-08-07 | N/A |
Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote attackers to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, which leaks the existence of the file in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2009-2449 | 1 Adbnewssender | 1 Adbnewssender | 2024-08-07 | N/A |
Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter. | ||||
CVE-2009-2444 | 1 Adbnewssender | 1 Adbnewssender | 2024-08-07 | N/A |
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php. | ||||
CVE-2009-2397 | 1 Audioarticledirectory | 1 Audio Article Directory | 2024-08-07 | N/A |
Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter. | ||||
CVE-2009-2398 | 1 Php-sugar | 1 Php-sugar | 2024-08-07 | N/A |
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// (dot dot slash slash) in the t parameter. | ||||
CVE-2009-2379 | 1 Bigace | 1 Bigace Cms | 2024-08-07 | N/A |
Directory traversal vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter. | ||||
CVE-2009-2313 | 1 Jinzora | 1 Jinzora | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter. | ||||
CVE-2009-2338 | 1 Freewebshop | 1 Freewebshop | 2024-08-07 | N/A |
Directory traversal vulnerability in includes/startmodules.inc.php in FreeWebshop.org 2.2.9 R2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_file parameter. |