Directory traversal

Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. dot dot in the module parameter...

CVE-2008-2838

Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. dot dot in the module parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message...

CVE-2008-2082

Cross-site scripting XSS vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message...

CVE-2008-2081

The CVE-2008-2081 entry documents a directory traversal (Local File Inclusion) in index.php of Siteman 2.0.x2. The issue, exploitable by remote authenticated administrators via a .. in the module parameter, enables inclusion and execution of arbitrary local files. Root cause: insufficient input s...

CVE-2008-2082

Cross-site scripting XSS vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message...

Directory traversal

Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter...

CVE-2007-6086

CVE-2007-6086 is a directory-traversal vulnerability in VigileCMS 1.4. The issue occurs in index.php where directory traversal sequences in the module parameter allow remote attackers to include and execute arbitrary local files. This leads to arbitrary code execution and partial/complete comprom...

CVE-2007-5820

Directory traversal vulnerability in index.php in Ax Developer CMS AxDCMS 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter...

Directory traversal

Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the deflang parameter to modules/files/list.php; the mpath parameter to 2 modules/projects/summary.inc.php or 3...

CVE-2007-5650

Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter to index.php...

CVE-2007-5650

Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter to index.php...

CVE-2006-3548

Multiple cross-site scripting XSS vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a 1 javascript URI or an external 2 http, 3 https, or 4 ftp URI in the url parameter in services/go.php a...

CVE-2006-3237

Cross-site scripting XSS vulnerability in index.php in Enterprise Groupware System EGS 1.2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter...

CVE-2005-3067

Cross-site scripting XSS vulnerability in perldiver.cgi in PerlDiver 2.x allows remote attackers to inject arbitrary web script or HTML via the module parameter...

CVE-2001-1524

Cross-site scripting XSS vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 uname parameter in user.php, 2 ttitle, letter and file parameters in modules.php, 3 subject, story and storyext parameters in submit.php, 4 upload paramete...

CVE-2005-0309

Multiple cross-site scripting XSS vulnerabilities in 1 index.php or 2 mod.php in Exponent 0.95 allow remote attackers to inject arbitrary web script or HTML via the module parameter...