Search Results (9563 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6400 1 Poldoc 1 Poldoc Document Management System 2026-04-23 N/A
Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter.
CVE-2008-6172 2 Joomla, Weberr 2 Joomla, Rwcards 2026-04-23 N/A
Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.
CVE-2008-3363 1 Dokeos 1 E-learning System 2026-04-23 N/A
Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter.
CVE-2008-5587 1 Phppgadmin 1 Phppgadmin 2026-04-23 N/A
Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
CVE-2009-2398 1 Php-sugar 1 Php-sugar 2026-04-23 N/A
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
CVE-2007-4058 1 Emc 1 Vmware 2026-04-23 N/A
Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method.
CVE-2007-5491 1 Sitebar 1 Sitebar 2026-04-23 N/A
Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter.
CVE-2007-5731 1 Apache 1 Jakarta Slide 2026-04-23 N/A
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag, a related issue to CVE-2007-5461.
CVE-2007-5311 1 Torrenttrader 1 Torrenttrader 2026-04-23 N/A
Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic Edition 1.07 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter.
CVE-2009-1559 1 Cisco 1 Wvc54gca 2026-04-23 N/A
Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a .. (dot dot) is probably also possible.
CVE-2008-3675 1 Gelatocms 1 Gelatocms 2026-04-23 N/A
Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via (1) a .. (dot dot) and possibly (2) a full pathname in the img parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6361 1 Insun Podcast 1 Feedcms 2026-04-23 N/A
Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 19Beta allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter.
CVE-2009-3181 1 Anantasoft 1 Gazelle Cms 2026-04-23 N/A
Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the customizetemplate parameter in a direct request to admin/settemplate.php.
CVE-2008-5748 1 Bloofox 1 Bloofoxcms 2026-04-23 8.1 High
Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.
CVE-2008-2227 1 Php-fusion 1 Forum Rank System 2026-04-23 N/A
Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter to (1) forum.php and (2) profile.php in infusions/rank_system/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-5813 1 Ispworker 1 Ispworker 2026-04-23 N/A
Multiple directory traversal vulnerabilities in download.php in ISPworker 1.21 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ticketid and (2) filename parameters.
CVE-2007-1031 1 Spoonlabs 1 Vivvo Article Management Cms 2026-04-23 N/A
Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3.4 allows remote attackers to include and execute arbitrary local files via the root parameter.
CVE-2008-2695 1 Phpinv 1 Phpinv 2026-04-23 N/A
Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
CVE-2008-0231 1 Tuned Studios 7 Classic Theme, Endless, Freeze Theme and 4 more 2026-04-23 N/A
Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page parameter. NOTE: this can be leveraged for remote file inclusion when running in some PHP 5 environments.
CVE-2007-4890 1 Microsoft 1 Visual Studio 2026-04-23 N/A
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method.