Search
Total
4706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2468 | 1 Anymacro | 1 Anymacro Mail System | 2012-04-25 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in AnyMacro Mail System G4X allows remote attackers to read arbitrary files via directory traversal sequences in a request. | |||||
| CVE-2011-4880 | 1 Atvise | 1 Webmi2ads | 2012-04-13 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request. | |||||
| CVE-2010-5086 | 1 Bitweaver | 1 Bitweaver | 2012-03-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the style parameter. | |||||
| CVE-2011-2653 | 1 Novell | 1 Zenworks Asset Management | 2012-03-05 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file. | |||||
| CVE-2012-1047 | 1 Cyberoam | 1 Cyberoam Central Console | 2012-02-25 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action. | |||||
| CVE-2012-0996 | 1 11in1 | 1 11in1 | 2012-02-24 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php. | |||||
| CVE-2012-0998 | 1 Lepton-cms | 1 Lepton | 2012-02-24 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in account/preferences.php in LEPTON before 1.1.4 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the language parameter. | |||||
| CVE-2011-4431 | 1 Merethis | 1 Centreon | 2012-02-14 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter. | |||||
| CVE-2011-3495 | 1 Measuresoft | 1 Scadapro | 2012-02-14 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command. | |||||
| CVE-2010-4858 | 1 Joerg Risse | 1 Dnet Live-stats | 2012-02-14 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the showlang parameter. | |||||
| CVE-2010-4835 | 1 Oneorzero | 1 Aims | 2012-02-14 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in OneOrZero AIMS 2.6.0 Members Edition allows remote authenticated users to read arbitrary files via directory traversal sequences in the controller parameter in a show_report action. | |||||
| CVE-2011-4804 | 2 Foobla, Joomla | 2 Com Obsuggest, Joomla\! | 2012-02-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2011-4810 | 1 Whmcs | 1 Whmcompletesolution | 2012-02-10 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php. | |||||
| CVE-2011-4807 | 1 Phpalbum | 1 Phpalbum | 2012-02-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter. | |||||
| CVE-2011-4831 | 1 David Azoulay | 1 Web File Browser | 2012-02-09 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action. | |||||
| CVE-2012-1025 | 1 Dream-multimedia-tv | 1 Enigma2 Webinterface | 2012-02-08 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter. | |||||
| CVE-2011-2524 | 1 Gnome | 1 Libsoup | 2012-02-02 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI. | |||||
| CVE-2011-4135 | 1 Flexerasoftware | 1 Flexnet Publisher | 2012-01-23 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-1389. | |||||
| CVE-2011-4532 | 1 Siemens | 1 Automation License Manager | 2012-01-09 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method. | |||||
| CVE-2011-4717 | 1 Zftpserver | 1 Zftpserver Suite | 2011-12-20 | 5.5 MEDIUM | N/A |
| Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command. | |||||
| CVE-2011-4835 | 1 Homeseer | 1 Homeseer Hs2 | 2011-12-15 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors. | |||||
| CVE-2011-4001 | 1 Mawashimono | 1 Nikki | 2011-12-14 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to read and modify arbitrary files via unspecified vectors. | |||||
| CVE-2011-4713 | 1 Oscss | 1 Oscss | 2011-12-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in catalog/content.php in osCSS2 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the _ID parameter to (1) catalog/shopping_cart.php or (2) catalog/content.php. | |||||
| CVE-2011-4036 | 1 Schneider-electric | 3 Citecthistorian, Citectscada Reports, Vijeo Historian | 2011-12-02 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2011-0203 | 1 Apple | 1 Mac Os X Server | 2011-10-27 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing. | |||||
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2011-10-18 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | |||||
| CVE-2011-1565 | 1 7t | 1 Igss | 2011-09-22 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401. | |||||
| CVE-2009-0932 | 1 Debian | 2 Horde, Horde Groupware | 2011-09-22 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name. | |||||
| CVE-2011-3500 | 1 Cogentdatahub | 1 Cogent Datahub | 2011-09-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request. | |||||
| CVE-2010-3867 | 1 Proftpd | 1 Proftpd | 2011-09-15 | 7.1 HIGH | N/A |
| Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command. | |||||
| CVE-2011-2757 | 1 Manageengine | 1 Servicedesk Plus | 2011-07-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME parameter. NOTE: this might overlap the US-CERT VU#543310 issue. | |||||
| CVE-2011-2755 | 1 Manageengine | 1 Servicedesk Plus | 2011-07-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2011-2474 | 1 Sybase | 1 Easerver | 2011-06-14 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path. | |||||
| CVE-2011-1900 | 1 Indusoft | 1 Web Studio | 2011-05-31 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to execute arbitrary code via an invalid request. | |||||
| CVE-2011-1902 | 1 Proofpoint | 2 Messaging Security Gateway, Protection Server | 2011-05-31 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2011-0426 | 1 Vmware | 2 Vcenter, Virtualcenter | 2011-05-27 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2010-0350 | 2 Arco Van Geest, Typo3 | 2 Goof Fotoboek, Typo3 | 2011-05-02 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors. | |||||
| CVE-2010-0348 | 1 C-3.co.jp | 1 Webcalenderc3 | 2011-04-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2010-4769 | 2 Janguo, Joomla | 2 Com Jimtawl, Joomla\! | 2011-03-24 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php. | |||||
| CVE-2011-0329 | 1 Dell | 1 Dellsystemlite.scanner Activex Control | 2011-03-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter. | |||||
| CVE-2009-0271 | 1 Fujitsu | 1 Systemcastwizard Lite | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | |||||
| CVE-2008-2889 | 1 Wise-ftp | 1 Wise-ftp | 2011-03-08 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345. | |||||
| CVE-2007-6612 | 1 Mongrel | 1 Mongrel | 2011-03-08 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in DirHandler (lib/mongrel/handlers.rb) in Mongrel 1.0.4 and 1.1.x before 1.1.3 allows remote attackers to read arbitrary files via an HTTP request containing double-encoded sequences (".%252e"). | |||||
| CVE-2007-5491 | 1 Sitebar | 1 Sitebar | 2011-03-08 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter. | |||||
| CVE-2007-4718 | 1 Claroline | 1 Claroline | 2011-03-08 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||||
| CVE-2007-4271 | 1 Ibm | 1 Db2 Universal Database | 2011-03-08 | 2.1 LOW | N/A |
| Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following. | |||||
| CVE-2006-6725 | 1 Phpbuilder | 1 Phpbuilder | 2011-03-08 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) lib/htm2php.php and (2) sitetools/htm2php.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-0871 | 1 Mambo | 1 Mambo | 2011-03-07 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the _setTemplate function in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to read and include arbitrary files via the mos_change_template parameter. NOTE: CVE-2006-1794 has been assigned to the SQL injection vector. | |||||
| CVE-2011-0698 | 2 Djangoproject, Microsoft | 2 Django, Windows | 2011-02-23 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays. | |||||
| CVE-2010-4369 | 1 Awstats | 1 Awstats | 2011-02-23 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory. | |||||