Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3562 | 1 Chupix | 2 Chupix Cms, Cms Contact Module | 2017-08-08 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in the Contact module in Chupix CMS 0.1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mods parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3333 | 1 Mantis | 1 Mantis | 2017-08-08 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in core/lang_api.php in Mantis before 1.1.2 allows remote attackers to include and execute arbitrary files via the language parameter to the user preferences page (account_prefs_update.php). | |||||
| CVE-2008-3312 | 1 Lemoncms | 1 Lemon Cms | 2017-08-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in lemon_includes/FCKeditor/editor/filemanager/browser/browser.php in Lemon CMS 1.10 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be an issue in FCKeditor. | |||||
| CVE-2008-3296 | 1 Xoops | 1 Xoops | 2017-08-08 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in modules/system/admin.php in XOOPS 2.0.18 1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3163 | 1 Regretless | 1 Dodos Mail | 2017-08-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2894 | 1 Nch Software | 1 Nch Software Classic Ftp | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | |||||
| CVE-2008-2822 | 1 3dftp | 1 3d-ftp Client | 2017-08-08 | 9.3 HIGH | N/A |
| Multiple directory traversal vulnerabilities in the FTP client in 3D-FTP Client 8.01 (8.0 build 1) allow remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a (1) LIST or (2) MLSD command. | |||||
| CVE-2008-2821 | 2 Glub, Microsoft | 2 Secure Ftp, Windows Nt | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345. | |||||
| CVE-2008-2795 | 1 Idm Computer Solutions Inc | 1 Ultraedit | 2017-08-08 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdit 14.00b allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) or a ..\ (dot dot backslash) in a response to a LIST command. | |||||
| CVE-2008-2779 | 1 Globalscape | 1 Cuteftp | 2017-08-08 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2008-2635 | 1 Barad Dur | 1 Bitkinex | 2017-08-08 | 9.3 HIGH | N/A |
| Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. (dot dot) in (1) a response to a LIST command from the BitKinex FTP client and (2) a response to a PROPFIND command from the BitKinex WebDAV client. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2008-2519 | 1 Core Ftp | 1 Core Ftp | 2017-08-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. (dot dot) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder. | |||||
| CVE-2008-2512 | 1 Symantec | 1 Backupexec System Recovery | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2008-2415 | 1 Digitalhive | 1 Digitalhive | 2017-08-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in template/purpletech/base_include.php in DigitalHive (aka hive) 2.0 RC2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2008-2403 | 1 Sun | 1 Java Asp Server | 2017-08-08 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method. | |||||
| CVE-2008-2350 | 1 Bcoos | 1 Bcoos | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter. | |||||
| CVE-2008-2227 | 1 Php-fusion | 1 Forum Rank System | 2017-08-08 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter to (1) forum.php and (2) profile.php in infusions/rank_system/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2185 | 1 Toocharger | 1 Smartblog | 2017-08-08 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to include arbitrary local files via directory traversal sequences in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1891 | 1 Ruby-lang | 1 Ruby | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. | |||||
| CVE-2008-1884 | 1 Wikepage | 1 Opus | 2017-08-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to read arbitrary files via directory traversal sequences in the wiki parameter, a different vector than CVE-2006-4418. | |||||