CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALSnlang parameter to 1 mod/poll.php and 2 mod/new.php...

6.8CVSS7.3AI score0.01853EPSS

Exploits1References4

Prion•added 2009/10/28 10:30 a.m.•10 views

Directory traversal

Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magicquotesgpc is enabled, allows remote attackers to read arbitrary files via a .. dot dot in the GLOBALSpage parameter...

4.3CVSS7.2AI score0.01099EPSS

Exploits0References2Affected Software1

Cvelist•added 2007/02/03 1:0 a.m.•15 views

CVE-2007-0677

PHP remote file inclusion vulnerability in fw/class.QuickConfigBrowser.php in Cadre PHP Framework 20020724 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigframeworkpath parameter...

7.5AI score0.11542EPSS

Exploits1References8

Cvelist•added 2006/12/18 11:0 a.m.•20 views

CVE-2006-6633

PHP remote file inclusion vulnerability in include/yapbbsession.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSincludeBit parameter...

7.6AI score0.04945EPSS

Exploits1References3

UbuntuCve•added 2006/08/31 10:4 a.m.•19 views

CVE-2006-4458

Directory traversal vulnerability in calendar/inc/class.holidaycalc.inc.php in phpGroupWare 0.9.16.010 and earlier allows remote attackers to include arbitrary local files via a .. dot dot sequence and trailing null %00 byte in the GLOBALSphpgwinfouserpreferencescommoncountry parameter...

6.4CVSS6AI score0.08859EPSS

Exploits0References1

NVD•added 2006/06/01 10:2 a.m.•7 views

CVE-2006-2730

PHP remote file inclusion vulnerability in admin/libactionstep.php in Hot Open Tickets HOT 11012004ver2f, when registerglobals is enabled, allows remote attackers to include arbitrary files via the GLOBALSCLASSPATH parameter. NOTE: this issue might be resultant from a global overwrite vulnerabili...

5.1CVSS6.8AI score0.0791EPSS

Exploits1References5

Prion•added 2006/05/19 10:2 a.m.•14 views

Directory traversal

Sugar Suite Open Source SugarCRM 4.2 and earlier, when registerglobals is enabled, does not protect critical variables such as $GLOBALS and $SESSION from modification, which allows remote attackers to conduct attacks such as directory traversal or PHP remote file inclusion, as demonstrated by...

6.4CVSS7.1AI score0.06078EPSS

Exploits1References10Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by