Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0091 | 1 Agency4net | 1 Webftp | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in download2.php in AGENCY4NET WEBFTP 1 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2007-6653 | 1 Mihalism | 1 Multi Host | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in Mihalism Multi Host 2.0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2007-6648 | 1 Sanybee Gallery | 1 Sanybee Gallery | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | |||||
| CVE-2007-6624 | 1 Pnphpbb | 1 Pnphpbb | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in printview.php in PNphpBB2 1.2i and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phpEx parameter. | |||||
| CVE-2007-6623 | 1 Zeuscms | 1 Zeuscms | 2017-09-29 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might allow remote attackers to list arbitrary directories via a full pathname in the dir parameter. | |||||
| CVE-2007-6621 | 1 Joovili | 1 Joovili | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | |||||
| CVE-2007-6620 | 1 Joovili | 1 Joovili | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in include/images.inc.php in Joovili 2.x allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter. | |||||
| CVE-2007-6604 | 1 Xcms | 1 Xcms | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the s parameter to the admin page or (2) the pg parameter to an arbitrary module, as demonstrated by reading a password hash in a .dtb file under dati/membri/ or by executing embedded PHP code in images under uploads/avatar/. | |||||
| CVE-2007-6584 | 1 1024 Cms | 1 1024 Cms | 2017-09-29 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_theme_dir parameter to (3) download.php, (4) forum.php, or (5) news.php in admin/ops/reports/ops/. NOTE: it was later reported that 1.4.2 beta and earlier are also affected for vector 1. | |||||
| CVE-2007-6582 | 1 C97net | 1 Mblog | 2017-09-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter in a page mode action. | |||||
| CVE-2007-6581 | 1 Social Engine | 1 Social Engine | 2017-09-29 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the global_lang parameter to (1) header_album.php, (2) header_blog.php, or (3) header_group.php; or (4) admin_header_album.php, (5) admin_header_blog.php, or (6) admin_header_group.php in admin/. | |||||
| CVE-2007-6554 | 1 George Lewe | 1 Teamcal Pro | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) register.php, (3) login.php, or (4) statistics.php. | |||||
| CVE-2007-6552 | 1 Auracms | 1 Auracms | 2017-09-29 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/admin_users.php to bypass a protection mechanism against direct request. | |||||
| CVE-2007-6475 | 1 Gf 3xplorer | 1 Gf 3xplorer | 2017-09-29 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and (2) thumber.php. | |||||
| CVE-2007-6400 | 1 Poldoc | 1 Poldoc Document Management System | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote attackers to read arbitrary files via a .. (dot dot) or absolute pathname in the filename parameter. | |||||
| CVE-2007-6369 | 1 Wordpress | 1 Pictpress | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in resize.php in the PictPress 0.91 and earlier plugin for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) size or (2) path parameter. | |||||
| CVE-2007-6344 | 1 Mcms | 1 Easy Web Make | 2017-09-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter. | |||||
| CVE-2007-6323 | 1 Mms Gallery | 1 Mms Gallery Php | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) get_file.php in mms_template/. | |||||
| CVE-2007-6322 | 1 Xml2owl | 1 Xml2owl | 2017-09-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2007-6290 | 1 Iptel | 1 Serweb | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters. | |||||