Total
7067 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4983 | 1 Cowon America | 1 Jetaudio | 2024-11-21 | N/A |
| Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call. | ||||
| CVE-2007-4982 | 1 Mw6 Technologies | 1 Qrcode Activex | 2024-11-21 | N/A |
| Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-4976 | 1 Coppermine | 1 Coppermine Photo Gallery | 2024-11-21 | N/A |
| Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter. | ||||
| CVE-2007-4962 | 1 Winimage | 1 Winimage | 2024-11-21 | N/A |
| Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2007-4957 | 1 Chupix | 1 Chupix Cms | 2024-11-21 | N/A |
| Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3) repertoire parameter. | ||||
| CVE-2007-4908 | 1 Auracms | 1 Auracms | 2024-11-21 | N/A |
| Directory traversal vulnerability in index.php in AuraCMS 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pilih parameter. | ||||
| CVE-2007-4902 | 1 Ultra Shareware | 1 Ultra Crypto Component | 2024-11-21 | N/A |
| Absolute path traversal vulnerability in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allows remote attackers to write to arbitrary files via a full pathname in the argument to the SaveToFile method. | ||||
| CVE-2007-4895 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2024-11-21 | N/A |
| Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the f parameter. | ||||
| CVE-2007-4890 | 1 Microsoft | 1 Visual Studio | 2024-11-21 | N/A |
| Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method. | ||||
| CVE-2007-4843 | 1 X-diesel | 1 Unreal Commander | 2024-11-21 | N/A |
| Directory traversal vulnerability in X-Diesel Unreal Commander 0.92 build 565 and 573 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2007-4842 | 1 Enriva Development | 1 Magellan Explorer | 2024-11-21 | N/A |
| Directory traversal vulnerability in Enriva Development Magellan Explorer 3.32 build 2305 and earlier allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a filename. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2007-4829 | 3 Archive\, Canonical, Redhat | 3 \, Ubuntu Linux, Enterprise Linux | 2024-11-21 | N/A |
| Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences. | ||||
| CVE-2007-4825 | 1 Php | 1 Php | 2024-11-21 | N/A |
| Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function. | ||||
| CVE-2007-4820 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2024-11-21 | N/A |
| Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter. | ||||
| CVE-2007-4805 | 1 Fuzzylime | 1 Fuzzylime | 2024-11-21 | N/A |
| Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the p parameter. | ||||
| CVE-2007-4764 | 1 Pawfaliki | 1 Pawfaliki | 2024-11-21 | N/A |
| Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 allows remote attackers to list arbitrary files via a .. (dot dot) in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-4756 | 1 Ghisler | 1 Total Commander | 2024-11-21 | N/A |
| Directory traversal vulnerability in the FTP client in Total Commander before 7.02 allows remote FTP servers to create or overwrite arbitrary files via "..\" (dot dot backslash) sequences in a filename. NOTE: the "..\" are not displayed when the user lists files. NOTE: this can be leveraged for code execution by writing to a Startup folder. | ||||
| CVE-2007-4726 | 1 Weboddity | 1 Weboddity | 2024-11-21 | N/A |
| Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2007-4723 | 2 Apache, Ragnarok Online Control Panel Project | 2 Http Server, Ragnarok Online Control Panel | 2024-11-21 | N/A |
| Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page. | ||||
| CVE-2007-4718 | 1 Claroline | 1 Claroline | 2024-11-21 | N/A |
| Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||