Search Results (9563 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-5771 1 Phpweather 1 Phpweather 2026-04-23 N/A
Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
CVE-2008-5752 1 Wordpress 2 Page Flip Image Gallery Plugin, Wordpress 2026-04-23 N/A
Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and earlier for WordPress, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the book_id parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-5748 1 Bloofox 1 Bloofoxcms 2026-04-23 8.1 High
Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.
CVE-2008-5728 1 Netcat 1 Netcat 2026-04-23 N/A
Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the system parameter in modules/netshop/post.php; and the INCLUDE_FOLDER parameter in (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.php, and (5) forum.inc.php in modules/.
CVE-2008-5723 1 Cgi-rescue 2 Kannibbs2000, Kannibbs2000i 2026-04-23 N/A
Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2008-5658 1 Php 1 Php 2026-04-23 N/A
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.
CVE-2008-5645 1 Orb Networks 1 Orb 2026-04-23 N/A
Directory traversal vulnerability in the media server in Orb Networks Orb before 2.01.0022 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP GET request.
CVE-2008-5642 1 Cmsmadesimple 1 Cms Made Simple 2026-04-23 N/A
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie.
CVE-2008-5639 1 Txtblogcms 1 Txtblog 2026-04-23 N/A
Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha allows remote attackers to read arbitrary files via a .. (dot dot) in the m parameter.
CVE-2008-5604 1 Drennansoft 1 My Simple Forum 2026-04-23 N/A
Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
CVE-2008-5594 1 Bpowerhouse 1 Mini Blog 2026-04-23 N/A
Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.
CVE-2008-5962 1 Gravity-gtd 1 Gravity-gtd 2026-04-23 N/A
Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the objectname parameter.
CVE-2008-5953 1 Ktp Computer Customer Database 1 Ktp Computer Customer Database 2026-04-23 N/A
Directory traversal vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to the default URI.
CVE-2008-5948 1 Bncwi 1 Bncwi 2026-04-23 N/A
Directory traversal vulnerability in index.php in BNCwi 1.04 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter.
CVE-2008-5943 1 Navboard 1 Navboard 2026-04-23 N/A
Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter to (1) admin_modules.php and (2) modules.php.
CVE-2008-5919 1 Tigris 1 Websvn 2026-04-23 N/A
Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter.
CVE-2008-5894 1 Mediatheka 1 Mediatheka 2026-04-23 N/A
Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2008-5883 1 Mini-pub 1 Mini-pub 2026-04-23 N/A
Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.
CVE-2008-5881 1 Playsms 1 Playsms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to plugin/themes/default/init.php.
CVE-2008-5878 1 Phpclanwebsite 1 Phpclanwebsite 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the (1) boxname parameter to theme/superchrome/box.php and the (2) theme parameter to phpclanwebsite/footer.php.