Total
6472 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-2459 | 1 Entertainmentscript | 1 Entertainmentscript | 2024-08-07 | N/A |
Directory traversal vulnerability in page.php in EntertainmentScript 1.4.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | ||||
CVE-2008-2370 | 2 Apache, Redhat | 7 Tomcat, Certificate System, Enterprise Linux and 4 more | 2024-08-07 | N/A |
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter. | ||||
CVE-2008-2415 | 1 Digitalhive | 1 Digitalhive | 2024-08-07 | N/A |
Directory traversal vulnerability in template/purpletech/base_include.php in DigitalHive (aka hive) 2.0 RC2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
CVE-2008-2355 | 1 Wr-script | 1 Wr-meeting | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in WR-Meeting 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the msnum parameter in a coment event. | ||||
CVE-2008-2350 | 1 Bcoos | 1 Bcoos | 2024-08-07 | N/A |
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter. | ||||
CVE-2008-2403 | 1 Sun | 1 Java Asp Server | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method. | ||||
CVE-2008-2439 | 1 Trend Micro | 2 Officescan, Worry Free Business Security | 2024-08-07 | N/A |
Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and Worry-Free Business Security 5.0 before build 1220 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP request. NOTE: some of these details are obtained from third party information. | ||||
CVE-2008-2352 | 1 Smeego | 1 Smeego | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in Smeego 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie. | ||||
CVE-2008-2399 | 2 Fireftp, Mozilla | 2 Fireftp, Firefox | 2024-08-07 | N/A |
Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
CVE-2008-2342 | 1 News Manager | 1 News Manager | 2024-08-07 | N/A |
Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | ||||
CVE-2008-2353 | 1 Gnugallery | 1 Gnugallery | 2024-08-07 | N/A |
Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the show parameter. | ||||
CVE-2008-2241 | 2 Broadcom, Ca | 4 Brightstor Arcserve Backup, Server Protection Suite, Brightstor Arcserve Backup and 1 more | 2024-08-07 | N/A |
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file. | ||||
CVE-2008-2215 | 1 Pbcs | 1 Project-based Calendaring System | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in Project-Based Calendaring System (PBCS) 0.7.1-1 allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) src/yopy_sync.php and (2) system-logger/print_logs.php. | ||||
CVE-2008-2227 | 1 Php-fusion | 1 Forum Rank System | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter to (1) forum.php and (2) profile.php in infusions/rank_system/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2008-2217 | 1 Mario Valdez | 1 Content Management System | 2024-08-07 | N/A |
Directory traversal vulnerability in cm/graphie.php in Content Management System 0.6.1 for Phprojekt allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cm_imgpath parameter. | ||||
CVE-2008-2185 | 1 Toocharger | 1 Smartblog | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to include arbitrary local files via directory traversal sequences in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2008-2116 | 1 Scriptsez | 1 Power Editor | 2024-08-07 | N/A |
Multiple directory traversal vulnerabilities in editor.php in ScriptsEZ.net Power Editor 2.0 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) te and (2) dir parameters in a tempedit action. | ||||
CVE-2008-2073 | 1 Virtual Design Studios | 1 Vlbook | 2024-08-07 | N/A |
Directory traversal vulnerability in include/global.inc.php in Virtual Design Studio vlbook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter. | ||||
CVE-2008-2091 | 1 Kubelabs | 1 Kubelance | 2024-08-07 | N/A |
Directory traversal vulnerability in ipn.php in KubeLabs Kubelance 1.6.4 allows remote attackers to include and execute arbitrary local files via the i parameter. | ||||
CVE-2008-2081 | 1 Siteman | 1 Siteman | 2024-08-07 | N/A |
Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter. |