Total
6472 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-2982 | 1 Homeph Design | 1 Homeph Design | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/template_thumbnail.php, and the (2) language parameter to (b) account/account.php, (c) downloads/downloads.php, (d) forum/forum.php, (e) fotogalerie/delete.php, and (f) fotogalerie/fotogalerie.php in admin/features/. | ||||
CVE-2008-2985 | 1 Cmreams | 1 Cmreams Cms | 2024-08-07 | N/A |
Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page_language parameter. | ||||
CVE-2008-2961 | 1 Cmsmini | 1 Cms Mini | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) path and (2) p parameter. | ||||
CVE-2008-2966 | 1 Jaxultrabb | 1 Jaxultrabb | 2024-08-07 | N/A |
Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the user parameter. party information. | ||||
CVE-2008-2938 | 2 Apache, Redhat | 6 Tomcat, Enterprise Linux, Jboss Enterprise Application Platform and 3 more | 2024-08-07 | N/A |
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version. | ||||
CVE-2008-2896 | 1 Getfireant | 1 Fireant | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in FireAnt 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
CVE-2008-2974 | 1 Mm Chat | 1 Mm Chat | 2024-08-07 | N/A |
Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter. | ||||
CVE-2008-2942 | 1 Mercurial | 1 Mercurial | 2024-08-07 | N/A |
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file. | ||||
CVE-2008-2898 | 1 Hedgehog-cms | 1 Hedgehog-cms | 2024-08-07 | N/A |
Directory traversal vulnerability in includes/header.php in Hedgehog-CMS 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the c_temp_path parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
CVE-2008-2895 | 1 Aprox | 1 Aproxengine | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in AproxEngine 5.1.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
CVE-2008-2894 | 1 Nch Software | 1 Nch Software Classic Ftp | 2024-08-07 | N/A |
Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
CVE-2008-2889 | 1 Wise-ftp | 1 Wise-ftp | 2024-08-07 | N/A |
Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
CVE-2008-2887 | 1 Chaozzatwork | 1 Fubarforum | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
CVE-2008-2876 | 1 Munky | 1 Munky | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in mUnky 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the zone parameter. | ||||
CVE-2008-2795 | 1 Idm Computer Solutions Inc | 1 Ultraedit | 2024-08-07 | N/A |
Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdit 14.00b allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) or a ..\ (dot dot backslash) in a response to a LIST command. | ||||
CVE-2008-2838 | 1 Traindepot | 1 Traindepot | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter. | ||||
CVE-2008-2818 | 1 Easy-clanpage | 1 Easy-clanpage | 2024-08-07 | N/A |
Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the section parameter to the default URI. | ||||
CVE-2008-2821 | 2 Glub, Microsoft | 2 Secure Ftp, Windows Nt | 2024-08-07 | N/A |
Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
CVE-2008-2813 | 1 Shoutcastadmin | 1 Wallcity-server Shoutcast Admin Panel | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in WallCity-Server Shoutcast Admin Panel 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
CVE-2008-2822 | 1 3dftp | 1 3d-ftp Client | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in the FTP client in 3D-FTP Client 8.01 (8.0 build 1) allow remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a (1) LIST or (2) MLSD command. |