Search Results (9577 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1653 1 Tinybutstrong 1 Tinybutstrong 2026-04-23 N/A
Directory traversal vulnerability in examples/tbs_us_examples_0view.php in TinyButStrong 3.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the script parameter.
CVE-2009-1090 1 Rapidleech 1 Rapidleech 2026-04-23 N/A
Directory traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uploaded parameter.
CVE-2009-1089 1 Rapidleech 1 Rapidleech 2026-04-23 N/A
Absolute path traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to read arbitrary files via a base64-encoded absolute path in the filename parameter.
CVE-2009-1031 1 Solarwinds 1 Serv-u File Server 2026-04-23 N/A
Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request.
CVE-2009-0929 1 Nucleus Group 1 Nucleus Cms 2026-04-23 N/A
Directory traversal vulnerability in the media manager in Nucleus CMS before 3.40 allows remote attackers to read arbitrary files via unknown vectors.
CVE-2009-0886 1 Oneorzero 1 Oneorzero Helpdesk 2026-04-23 N/A
Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the default_language parameter.
CVE-2009-0880 2 Ibm, Microsoft 2 Director, Windows 2026-04-23 N/A
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
CVE-2009-0570 1 Ninjadesigns 1 Mailist 2026-04-23 N/A
Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-0535 1 Extrosoft 1 Thyme 2026-04-23 N/A
Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the export_to parameter.
CVE-2009-0515 1 Yanocc 1 Yanocc 2026-04-23 N/A
Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2009-0497 1 Igniterealtime 1 Openfire 2026-04-23 N/A
Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the log parameter.
CVE-2009-0457 1 Magtrb 1 Aja Portal 2026-04-23 N/A
Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module.
CVE-2009-0448 1 Syntax Desktop 1 Syntax Desktop 2026-04-23 N/A
Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter.
CVE-2009-0423 1 Kevin Walker 1 Php Photo Album 2026-04-23 N/A
Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the preview parameter.
CVE-2009-0392 1 Motorola 1 Cpei300 2026-04-23 N/A
Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter.
CVE-2009-0371 1 Sitexs Cms 1 Sitexs Cms 2026-04-23 N/A
Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the type parameter.
CVE-2008-7110 1 Kyoceramita 1 Scanner File Utility 2026-04-23 N/A
Directory traversal vulnerability in the Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to upload files to arbitrary locations via a .. (dot dot) in a request.
CVE-2008-7093 1 Unica 1 Affinium Campaign 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to Campaign/CampaignListener.
CVE-2008-7090 1 Pligg 1 Pligg Cms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Pligg 9.9 and earlier allow remote attackers to (1) determine the existence of arbitrary files via a .. (dot dot) in the $tb_url variable in trackback.php, or (2) include arbitrary files via a .. (dot dot) in the template parameter to settemplate.php.
CVE-2008-1371 1 Drake Team 1 Drake Cms 2026-04-23 N/A
Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote attackers to read and execute arbitrary files via a full pathname in the d_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.