Total
7067 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0535 | 1 Extrosoft | 1 Thyme | 2024-11-21 | N/A |
| Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the export_to parameter. | ||||
| CVE-2009-0515 | 1 Yanocc | 1 Yanocc | 2024-11-21 | N/A |
| Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2009-0514 | 1 Webframe | 1 Webframe | 2024-11-21 | N/A |
| Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) currentmod and (2) LANG parameters to mod/index.php. | ||||
| CVE-2009-0497 | 1 Igniterealtime | 1 Openfire | 2024-11-21 | N/A |
| Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the log parameter. | ||||
| CVE-2009-0457 | 1 Magtrb | 1 Aja Portal | 2024-11-21 | N/A |
| Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module. | ||||
| CVE-2009-0448 | 1 Syntax Desktop | 1 Syntax Desktop | 2024-11-21 | N/A |
| Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter. | ||||
| CVE-2009-0442 | 1 Phpbbbook | 1 Phpbbbook | 2024-11-21 | N/A |
| Directory traversal vulnerability in bbcode.php in PHPbbBook 1.3 and 1.3h allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter. | ||||
| CVE-2009-0423 | 1 Kevin Walker | 1 Php Photo Album | 2024-11-21 | N/A |
| Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the preview parameter. | ||||
| CVE-2009-0392 | 1 Motorola | 1 Cpei300 | 2024-11-21 | N/A |
| Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2009-0371 | 1 Sitexs Cms | 1 Sitexs Cms | 2024-11-21 | N/A |
| Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the type parameter. | ||||
| CVE-2009-0340 | 1 Quirm | 1 Simple Php Newsletter | 2024-11-21 | N/A |
| Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php. | ||||
| CVE-2009-0331 | 1 Quirm | 1 Espg | 2024-11-21 | N/A |
| Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as a vulnerability in ESPG. | ||||
| CVE-2009-0330 | 1 Wss-pro | 1 Scms | 2024-11-21 | N/A |
| Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | ||||
| CVE-2009-0325 | 1 Ninjadesigns | 1 Ninja Blog | 2024-11-21 | N/A |
| Directory traversal vulnerability in entries/index.php in Ninja Blog 4.8, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter. | ||||
| CVE-2009-0291 | 1 Openx | 1 Openx | 2024-11-21 | N/A |
| Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter. | ||||
| CVE-2009-0290 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the g4_path parameter. NOTE: in some environments, this can be leveraged for remote code execution via a data: URI or a UNC share pathname. | ||||
| CVE-2009-0288 | 1 Windows Tftp Utility | 1 Tftputil | 2024-11-21 | N/A |
| Directory traversal vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0 allows remote attackers to read arbitrary files outside the TFTP root directory via directory traversal sequences in a GET request. | ||||
| CVE-2009-0286 | 1 Opengoo | 1 Opengoo | 2024-11-21 | N/A |
| Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter. | ||||
| CVE-2009-0271 | 1 Fujitsu | 1 Systemcastwizard Lite | 2024-11-21 | N/A |
| Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | ||||
| CVE-2009-0244 | 1 Microsoft | 1 Windows Mobile | 2024-11-21 | 8.8 High |
| Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||