Export limit exceeded: 47296 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9639 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3727 | 1 Microworld Technologies | 1 Mailscan | 2026-04-23 | N/A |
| Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2007-4220 | 1 Motorola | 1 Timbuktu | 2026-04-23 | N/A |
| Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services. | ||||
| CVE-2007-0893 | 1 Matthieu Aubry | 1 Phpmyvisites | 2026-04-23 | N/A |
| Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading ".." sequences on the pmv_ck_view COOKIE parameter, which bypasses the protection scheme. | ||||
| CVE-2006-5846 | 1 Freewebshop | 1 Freewebshop | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773. | ||||
| CVE-2008-0760 | 1 Safenet | 2 Sentinel Keys Server, Sentinel Protection Server | 2026-04-23 | N/A |
| Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483. | ||||
| CVE-2009-3284 | 1 Phpspot | 6 Php \& Css Bbs, Php Bbs, Php Bbs Ce and 3 more | 2026-04-23 | N/A |
| Directory traversal vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2009-3219 | 1 The-ghost | 1 Ar Web Content Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the a parameter. | ||||
| CVE-2008-3150 | 1 Neutrino-cms | 1 Atomic Edition | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attackers to read and modify files, as demonstrated by manipulating data/sess.php in (1) usb and (2) del_pag actions. NOTE: this can be leveraged for code execution by performing an upload that bypasses the intended access restrictions that were implemented in sess.php. | ||||
| CVE-2008-2185 | 1 Toocharger | 1 Smartblog | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to include arbitrary local files via directory traversal sequences in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-6621 | 1 Joovili | 1 Joovili | 2026-04-23 | N/A |
| Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | ||||
| CVE-2009-3902 | 2 Cherokee, Microsoft | 2 Cherokee Httpd, Windows | 2026-04-23 | N/A |
| Directory traversal vulnerability in Cherokee Web Server 0.5.4 and earlier for Windows allows remote attackers to read arbitrary files via a /\.. (slash backslash dot dot) in the URL. | ||||
| CVE-2008-1537 | 1 Powerscripts | 1 Powerbook | 2026-04-23 | N/A |
| Directory traversal vulnerability in pb_inc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||||
| CVE-2008-3031 | 1 Simple Php Agenda | 1 Simple Php Agenda | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2009-4627 | 1 Dan Brown | 1 Moa Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in sources/_template_parser.php in Moa Gallery 1.2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the p_filename parameter, a different issue than CVE-2009-4614. | ||||
| CVE-2009-3211 | 1 Dimofinf | 1 Infinity Script | 2026-04-23 | N/A |
| Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI. | ||||
| CVE-2009-4626 | 1 Phpnagios | 1 Phpnagios | 2026-04-23 | N/A |
| Directory traversal vulnerability in menu.php in phpNagios 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the conf[lang] parameter. | ||||
| CVE-2007-6508 | 1 Xecms | 1 Xecms | 2026-04-23 | N/A |
| Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary files via a ..%2F (dot dot slash) in the list parameter. | ||||
| CVE-2009-4056 | 1 Betsy | 1 Betsy Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the popup parameter. | ||||
| CVE-2008-2961 | 1 Cmsmini | 1 Cms Mini | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) path and (2) p parameter. | ||||
| CVE-2007-5802 | 1 Firewolf Technologies | 1 Synergiser | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration. | ||||