Export limit exceeded: 363262 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9560 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4205 | 1 Ringsworld | 1 Flashlight Free Edition | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | ||||
| CVE-2008-3384 | 1 Cce-interact | 1 Interact | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) module and (2) file parameters. | ||||
| CVE-2007-4902 | 1 Ultra Shareware | 1 Ultra Crypto Component | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allows remote attackers to write to arbitrary files via a full pathname in the argument to the SaveToFile method. | ||||
| CVE-2008-2665 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Directory traversal vulnerability in the posix_access function in PHP 5.2.6 and earlier allows remote attackers to bypass safe_mode restrictions via a .. (dot dot) in an http URL, which results in the URL being canonicalized to a local filename after the safe_mode check has successfully run. | ||||
| CVE-2008-3562 | 1 Chupix | 2 Chupix Cms, Cms Contact Module | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in the Contact module in Chupix CMS 0.1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mods parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6368 | 1 Ezcontents | 1 Ezcontents | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in ezContents 1.4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the link parameter. | ||||
| CVE-2008-5881 | 1 Playsms | 1 Playsms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to plugin/themes/default/init.php. | ||||
| CVE-2008-5856 | 1 Class | 1 Class | 2026-04-23 | N/A |
| Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter. | ||||
| CVE-2007-4008 | 1 Entertainment Cms | 1 Entertainment Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in custom.php in Entertainment Media Sharing CMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter. | ||||
| CVE-2008-0946 | 1 Ipswitch | 2 Imserver, Instant Messaging | 2026-04-23 | N/A |
| Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field. | ||||
| CVE-2008-4187 | 1 Proactive Cms | 1 Proactive Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in ProActive CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2009-0596 | 1 Phpskelsite | 1 Phpskelsite | 2026-04-23 | N/A |
| Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter. | ||||
| CVE-2009-3181 | 1 Anantasoft | 1 Gazelle Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the customizetemplate parameter in a direct request to admin/settemplate.php. | ||||
| CVE-2008-3195 | 1 Twiki | 1 Twiki | 2026-04-23 | N/A |
| Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors. | ||||
| CVE-2009-3219 | 1 The-ghost | 1 Ar Web Content Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the a parameter. | ||||
| CVE-2007-4567 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2026-04-23 | N/A |
| The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet. | ||||
| CVE-2008-1169 | 1 Simm-comm | 1 Sci Photo Chat | 2026-04-23 | N/A |
| Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command. | ||||
| CVE-2008-1125 | 1 Podcast Generator | 1 Podcast Generator | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) theme_path parameter to core/themes.php and the (2) filename parameter to download.php. | ||||
| CVE-2010-0350 | 2 Arco Van Geest, Typo3 | 2 Goof Fotoboek, Typo3 | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors. | ||||
| CVE-2008-1178 | 1 Centreon | 1 Centreon | 2026-04-23 | N/A |
| Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2008-1119. | ||||