Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 and earlier, when PHP before 4.3.0 is used, allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
Max CVSS
5.0
EPSS Score
0.38%
Published
2007-04-30
Updated
2017-10-11
Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Max CVSS
7.8
EPSS Score
2.00%
Published
2007-04-27
Updated
2017-10-11
Multiple directory traversal vulnerabilities in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to categories.php and other unspecified files.
Max CVSS
7.5
EPSS Score
1.89%
Published
2007-04-26
Updated
2017-10-11
Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
Max CVSS
6.8
EPSS Score
2.99%
Published
2007-04-26
Updated
2017-10-19
Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 (Ext JS) allows remote attackers to read arbitrary files via a .. (dot dot) in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent.
Max CVSS
7.8
EPSS Score
3.29%
Published
2007-04-26
Updated
2017-10-11
Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS Distribution 1.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the dnld parameter.
Max CVSS
9.4
EPSS Score
1.92%
Published
2007-04-25
Updated
2017-10-11
Directory traversal vulnerability in top.php3 in SWsoft Plesk for Windows 8.1 and 8.1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the locale_id parameter.
Max CVSS
5.0
EPSS Score
0.46%
Published
2007-04-25
Updated
2008-11-13
Multiple directory traversal vulnerabilities in SWsoft Plesk for Windows 7.6.1, 8.1.0, and 8.1.1 allow remote attackers to read arbitrary files via a .. (dot dot) in the locale_id parameter to (1) login.php3 or (2) login_up.php3.
Max CVSS
5.0
EPSS Score
2.90%
Published
2007-04-25
Updated
2011-03-08
Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain sensitive information via a .. (dot dot) in the icodir parameter.
Max CVSS
5.0
EPSS Score
1.25%
Published
2007-04-25
Updated
2017-07-29
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
Max CVSS
4.3
EPSS Score
0.80%
Published
2007-04-25
Updated
2018-10-16
Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote attackers to read and possibly delete arbitrary files via a .. (dot dot) in the asolute parameter.
Max CVSS
10.0
EPSS Score
3.60%
Published
2007-04-24
Updated
2017-10-11
Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the acc parameter.
Max CVSS
5.0
EPSS Score
2.00%
Published
2007-04-24
Updated
2017-10-11
Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Max CVSS
7.8
EPSS Score
1.92%
Published
2007-04-19
Updated
2017-10-11
Directory traversal vulnerability in template.php in in phpFaber TopSites 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the modify parameter in a template action to admin/index.php.
Max CVSS
7.8
EPSS Score
2.00%
Published
2007-04-19
Updated
2018-10-16
Directory traversal vulnerability in index.php in Kai Content Management System (K-CMS) 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the current_theme parameter.
Max CVSS
7.5
EPSS Score
0.75%
Published
2007-04-18
Updated
2018-10-16
Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the admin_skin parameter.
Max CVSS
7.5
EPSS Score
1.10%
Published
2007-04-18
Updated
2018-10-16
Multiple directory traversal vulnerabilities in iXon CMS 0.30 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme_url parameter to (1) index.php, (2) page.php, (3) search.php, (4) single.php, and (5) archives.php.
Max CVSS
7.5
EPSS Score
1.35%
Published
2007-04-18
Updated
2018-10-16
Directory traversal vulnerability in scr/soustab.php in openMairie 1.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dsn[phptype] parameter.
Max CVSS
7.5
EPSS Score
1.89%
Published
2007-04-18
Updated
2017-10-11
Directory traversal vulnerability in Acubix PicoZip 4.02 allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the file path in an (1) GZ, (2) TAR, (3) RAR, (4) JAR, or (5) ZIP archive.
Max CVSS
6.8
EPSS Score
0.50%
Published
2007-04-18
Updated
2017-07-29
Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) a lang cookie or (2) the language parameter.
Max CVSS
5.0
EPSS Score
1.51%
Published
2007-04-16
Updated
2017-10-11
Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. (dot dot) in the resource parameter.
Max CVSS
5.0
EPSS Score
1.14%
Published
2007-04-16
Updated
2018-10-16
Multiple directory traversal vulnerabilities in MimarSinan CompreXX 4.1 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .rar, (2) .jar or (3) .zip archive.
Max CVSS
5.8
EPSS Score
0.60%
Published
2007-04-12
Updated
2017-07-29
Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Max CVSS
7.5
EPSS Score
0.75%
Published
2007-04-12
Updated
2018-10-16
Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 build 80 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .gz, (2) .jar, (3) .rar, (4) .tar.gz, (5) .zip, or (6) .tar file.
Max CVSS
7.5
EPSS Score
0.96%
Published
2007-04-11
Updated
2017-07-29
Directory traversal vulnerability in member.php in the eBoard 1.0.7 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[name] parameter.
Max CVSS
6.8
EPSS Score
7.19%
Published
2007-04-10
Updated
2017-10-11
40 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!