Search Results (9565 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1651 1 Myiosoft 1 Easynews 2026-04-23 N/A
Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2008-4741 1 Far-php 1 Far-php 2026-04-23 N/A
Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter.
CVE-2008-4740 1 Tinycms 1 Tinycms 2026-04-23 N/A
Directory traversal vulnerability in templater.php in the ZZ_Templater module in TinyCMS 1.1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[template] parameter.
CVE-2008-1400 1 Mg-soft 1 Net Inspector 2026-04-23 N/A
Directory traversal vulnerability in the Net Inspector HTTP Server (mghttpd) in MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot slash) in the URI.
CVE-2008-6901 1 2532gigs 1 2532gigs 2026-04-23 N/A
Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) settings.php, (2) deleteuser.php, (3) mini_calendar.php, (4) manage_venues.php, and (5) manage_gigs.php, a different vector than CVE-2007-4585.
CVE-2008-4602 1 Qualityunit 1 Post Affiliate Pro 2026-04-23 N/A
Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. (dot dot) in the md parameter.
CVE-2008-4592 1 Sportspanel 1 Sports Clubs Web Portal 2026-04-23 N/A
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
CVE-2009-1090 1 Rapidleech 1 Rapidleech 2026-04-23 N/A
Directory traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uploaded parameter.
CVE-2009-1730 1 Netmechanica 1 Netdecision Tftp Server 2026-04-23 N/A
Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command.
CVE-2008-4425 1 Phlatline 1 Personal Information Manager 2026-04-23 N/A
Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to delete arbitrary files via directory traversal sequences in the file parameter within a delfile action.
CVE-2008-6843 2 Cpanel, Netenberg 2 Cpanel, Fantastico De Luxe 2026-04-23 N/A
Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter.
CVE-2008-6842 1 Pluck-cms 1 Pluck 2026-04-23 N/A
Directory traversal vulnerability in data/modules/blog/module_pages_site.php in Pluck 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the post parameter.
CVE-2008-4421 1 Hammer-software 1 Metagauge 2026-04-23 N/A
Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably other versions before 1.0.3.38, allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the URL.
CVE-2008-4331 1 Phpocs 1 Phpocs 2026-04-23 N/A
Directory traversal vulnerability in library/pagefunctions.inc.php in phpOCS 0.1 beta3 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to index.php.
CVE-2008-4330 1 Lansuite 1 Lansuite 2026-04-23 N/A
Directory traversal vulnerability in index.php in LanSuite 3.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the design parameter.
CVE-2008-0819 1 Plutostatus 1 Plutostatus Locator 2026-04-23 N/A
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
CVE-2009-1649 1 Bicluc 1 Belive 2026-04-23 N/A
Directory traversal vulnerability in arch.php in beLive 0.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the arch parameter.
CVE-2008-0818 1 Freephpgallery 1 Freephpgallery 2026-04-23 N/A
Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie to (1) comment.php, (2) index.php, and (3) show.php.
CVE-2009-1445 1 Ivano Culmine 1 Webportal Cms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta allow remote attackers to (1) read arbitrary files via directory traversal sequences in the lang parameter to libraries/helpdocs/help.php and (2) include and execute arbitrary local files via directory traversal sequences in the error parameter to index.php.
CVE-2008-2353 1 Gnugallery 1 Gnugallery 2026-04-23 N/A
Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the show parameter.