Export limit exceeded: 355857 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9271 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2909 | 1 Linux | 1 Linux Kernel | 2026-04-23 | N/A |
| Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation. | ||||
| CVE-2008-3727 | 1 Microworld Technologies | 1 Mailscan | 2026-04-23 | N/A |
| Directory traversal vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2009-3825 | 1 Thomas Graber | 1 Gencms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php. | ||||
| CVE-2008-6505 | 1 Apache | 1 Struts | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x. | ||||
| CVE-2007-4820 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter. | ||||
| CVE-2009-1368 | 1 Mozilo | 1 Mozilocms | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3. | ||||
| CVE-2007-6648 | 1 Sanybee Gallery | 1 Sanybee Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | ||||
| CVE-2009-1456 | 1 Stephane Rajalu | 1 Malleo | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin.php in Malleo 1.2.3 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | ||||
| CVE-2008-6658 | 1 Simple Machines | 1 Simple Machines Forum | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 before 1.0.15 and 1.1 before 1.1.7 allows remote authenticated administrators to install packages from arbitrary directories via a .. (dot dot) in the package parameter during an install2 action, as demonstrated by a predictable package filename in attachments/ that was uploaded through a post2 action to index.php. | ||||
| CVE-2009-3583 | 1 Sql-ledger | 1 Sql-ledger | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the countrycode field. | ||||
| CVE-2008-4718 | 1 X7 Group | 1 X7 Chat | 2026-04-23 | N/A |
| Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156. | ||||
| CVE-2009-2265 | 1 Fckeditor | 1 Fckeditor | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory. | ||||
| CVE-2009-0753 | 1 Mldonkey | 1 Mldonkey | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" (double slash) in the filename. | ||||
| CVE-2009-0113 | 1 Joomla | 2 Joomla, Xstandard | 2026-04-23 | N/A |
| Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header. | ||||
| CVE-2007-4134 | 1 Redhat | 2 Enterprise Linux, Fedora | 2026-04-23 | N/A |
| Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | ||||
| CVE-2008-5642 | 1 Cmsmadesimple | 1 Cms Made Simple | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie. | ||||
| CVE-2008-1891 | 1 Ruby-lang | 1 Ruby | 2026-04-23 | N/A |
| Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. | ||||
| CVE-2008-6630 | 1 Typo3 | 2 Typo3, Wt Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in the wt_gallery extension 2.5.0 and earlier for TYPO3 allows remote attackers to read arbitrary image files and determine directory structure via unspecified vectors. | ||||
| CVE-2007-6471 | 1 Phpay | 1 Phpay | 2026-04-23 | N/A |
| Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on Windows allows remote attackers to conduct directory traversal attacks and include and execute arbitrary local files via a ..\ (dot dot backslash) in the config parameter. | ||||
| CVE-2008-5818 | 1 Edreamers | 1 Edcontainer | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in eDreamers eDContainer 2.22, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third party information. | ||||