Total
6472 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3128 | 1 Pivot | 1 Pivot | 2024-08-07 | N/A |
| Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter. | ||||
| CVE-2008-3163 | 1 Regretless | 1 Dodos Mail | 2024-08-07 | N/A |
| Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3195 | 1 Twiki | 1 Twiki | 2024-08-07 | N/A |
| Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors. | ||||
| CVE-2008-3192 | 1 Sclek | 1 Jsite | 2024-08-07 | N/A |
| Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | ||||
| CVE-2008-3194 | 1 Pluck | 1 Pluck | 2024-08-07 | N/A |
| Multiple directory traversal vulnerabilities in data/inc/themes/predefined_variables.php in pluck 4.5.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) langpref, (2) file, (3) blogpost, or (4) cat parameter. | ||||
| CVE-2008-3205 | 1 Easy-script | 1 Wysi Wiki Wyg | 2024-08-07 | N/A |
| Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. | ||||
| CVE-2008-3179 | 1 W2b | 1 Phpdatingclub | 2024-08-07 | N/A |
| Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2008-3165 | 1 Fuzzylime | 1 Fuzzylime Cms | 2024-08-07 | N/A |
| Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805. | ||||
| CVE-2008-3150 | 1 Neutrino-cms | 1 Atomic Edition | 2024-08-07 | N/A |
| Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attackers to read and modify files, as demonstrated by manipulating data/sess.php in (1) usb and (2) del_pag actions. NOTE: this can be leveraged for code execution by performing an upload that bypasses the intended access restrictions that were implemented in sess.php. | ||||
| CVE-2008-3087 | 1 Kasseler-cms | 1 Kasseler Cms | 2024-08-07 | N/A |
| Directory traversal vulnerability in Kasseler CMS 1.3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to index.php, possibly related to the phpManual module. | ||||
| CVE-2008-3149 | 1 F5 | 1 Firepass 1200 | 2024-08-07 | N/A |
| The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote attackers to cause a denial of service (daemon crash) by walking the hrSWInstalled OID branch in HOST-RESOURCES-MIB. | ||||
| CVE-2008-3164 | 1 Fuzzylime | 1 Fuzzylime Cms | 2024-08-07 | N/A |
| Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter. NOTE: it was later reported that 3.01a is also affected. | ||||
| CVE-2008-3071 | 1 Mybb | 1 Mybb | 2024-08-07 | N/A |
| Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable. | ||||
| CVE-2008-2969 | 1 Yektaweb | 1 Academic Web Tools | 2024-08-07 | N/A |
| Directory traversal vulnerability in download.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the dfile parameter. | ||||
| CVE-2008-2993 | 1 Fog | 1 Fog Forum | 2024-08-07 | N/A |
| Multiple directory traversal vulnerabilities in index.php in FOG Forum 0.8.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) fog_lang and (2) fog_skin parameters, probably related to libs/required/share.inc; and possibly the (3) fog_pseudo, (4) fog_posted, (5) fog_password, and (6) fog_cook parameters. | ||||
| CVE-2008-3036 | 1 Cms Little | 1 Cms Little | 2024-08-07 | N/A |
| Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter. | ||||
| CVE-2008-2978 | 1 Ourvideocms | 1 Ourvideo Cms | 2024-08-07 | N/A |
| Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the prefix parameter. | ||||
| CVE-2008-2913 | 1 Devalcms | 1 Devalcms | 2024-08-07 | N/A |
| Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... sequences in the currentfile parameter, to index.php. | ||||
| CVE-2008-2976 | 1 Tinx Cms | 1 Tinx Cms | 2024-08-07 | N/A |
| Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) language parameter to (a) include_me.php, (b) admin/ajax.php, and (c) admin/objects/catalog.ajaxhandler.php; and the (2) prefix parameter to (d) admin/inc/config.php. | ||||
| CVE-2008-3031 | 1 Simple Php Agenda | 1 Simple Php Agenda | 2024-08-07 | N/A |
| Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||