CVE-2007-5706

CVE-2007-5706 describes an absolute path traversal vulnerability in the download.php of Jeebles Directory 2.9.60. An attacker can read arbitrary files by supplying a full pathname in the query string. The vulnerability is documented across multiple sources and is classified as a high-severity iss...

CVE-2007-5694

Absolute path traversal vulnerability in the translation module translator.php in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491...

Path traversal

Absolute path traversal vulnerability in the translation module translator.php in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491...

CVE-2007-5694

Absolute path traversal vulnerability in the translation module translator.php in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491...

CVE-2007-5694

Absolute path traversal vulnerability in the translation module translator.php in SiteBar 3.3.8 allows remote authenticated users to read arbitrary files via an absolute path in the dir parameter, a different vulnerability than CVE-2007-5491...

PT-2007-6440 · Joomla · Swmenufree

Name of the Vulnerable Software and Affected Versions: Joomla! component swMenuFree com swmenufree version 4.6 Description: A remote file inclusion issue in the preview.php file of the swMenuFree component allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig absolute...

CVE-2007-5110

CVE-2007-5110 describes an absolute path traversal in the EB Design ebCrypt ActiveX control (EbCrypt.eb_c_PRNGenerator.1) within EBCRYPT.DLL 2.0.0.2087 and earlier. The vulnerability allows remote attackers to create or overwrite arbitrary files by passing a full pathname to the SaveToFile method...

CVE-2007-4982

Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the 1 SaveAsBMP or 2 SaveAsWMF...

CVE-2007-4982

Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the 1 SaveAsBMP or 2 SaveAsWMF...

CVE-2007-4902

CVE-2007-4902 describes an absolute path traversal in an ActiveX control within CryptoX.dll (versions ≤ 2.0) and the Ultra Crypto Component. The flaw allows remote attackers to write to arbitrary files by supplying a full pathname to the SaveToFile method, enabling overwriting of files on the aff...

CVE-2007-4820

CVE-2007-4820: Absolute path traversal in Sisfo Kampus 2006, via blanko.preview.php nmf parameter, allows remote reading of arbitrary local files and possible execution of local PHP scripts. Affected: Sisfo Kampus 2006 (blanko.preview.php). Root cause: improper path handling leading to traversal....

Path traversal

Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder NVR SP2 2.0 allow remote attackers to 1 create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or 2...

CVE-2007-4583

The CVE-2007-4583 entry describes multiple absolute path traversal vulnerabilities in the ACTi Acti Network Video Recorder (NVR) SP2 2.0, specifically in nvUtility.dll 1.0.14.0 and the nvUtility.Utility.1 ActiveX control. The flaws allow remote attackers to exploit two methods: SaveXMLFile (arbit...

Directory traversal and absolute path in multiple archivers

Directory traversal and absolute path allow to overwrite any file during archive extraction...

CVE-2007-4155

CVE-2007-4155 is a Windows-hosted vulnerability in VMware’s vielib.dll (ActiveX) that enables absolute path traversal to trigger CreateProcess/CreateProcessEx, allowing remote attackers to execute arbitrary local programs on VMware Workstation/Player 6.0.0 family. VMware advisories (VMSA-2007-000...

CVE-2007-4067

CVE-2007-4067 : An absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ActiveX control (CLINETSUITEX6.OCX) of Clever Internet ActiveX Suite 6.2 allows remote attackers to create or overwrite arbitrary files via a full pathname passed as the second argument to the GetToFile method....

CVE-2007-4059

CVE-2007-4059 is an absolute path traversal in IntraProcessLogging.dll (Windows) affecting VMware Workstation/Server/Player components. The vulnerability allows a remote attacker to overwrite arbitrary files by supplying a full pathname to the SetLogFileName function in IntraProcessLogging.dll (a...

CVE-2007-4028

Absolute path traversal vulnerability in index.php in Webspell 4.01.02 allows remote attackers to include and execute arbitrary local files via a full pathname in the site parameter. NOTE: some of these details are obtained from third party information...

Path traversal

Absolute path traversal vulnerability in the Data Dynamics DDActiveReports2.ActiveReport.2 ActiveReports ActiveX control in arpro2.dll in ActiveReports 2.0 Professional Edition 2.5.0.1308 SP5 RC allows remote attackers to create or overwrite arbitrary files via a full pathname in an argument to t...

CVE-2007-3982

The CVE-2007-3982 entry concerns the Data Dynamics ActiveReport (ActiveReports) ActiveX control (actrpt2.dll) version 2.5 and earlier. The vulnerability is an absolute path traversal in which a full pathname passed as the first argument to the SaveLayout method can be used to create or overwrite ...