Total
7186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3934 | 1 Alkacon | 1 Opencms | 2025-04-03 | 4.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter. | |||||
| CVE-2005-3347 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346. | |||||
| CVE-2006-0434 | 1 Phpxplorer | 1 Phpxplorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (dot dot) sequences and null bytes in the sAction parameter, a different vulnerability than CVE-2006-0244. NOTE: if the functionality of phpXplorer supports the upload of PHP files, then this issue would not cross privilege boundaries and would not be a vulnerability. | |||||
| CVE-2005-1813 | 1 Futuresoft | 1 Tftp Server 2000 | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences. | |||||
| CVE-2002-2233 | 1 Mollensoft Software | 1 Enceladus Server Suite | 2025-04-03 | 8.3 HIGH | N/A |
| Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbitrary directories and possibly cause a denial of service via "@" (at) characters in a CD (CWD) command, such as (1) "@/....\", (2) "@@@/..c:\", or (3) "@/..@/..". | |||||
| CVE-2005-2033 | 1 Blue-collar Productions | 1 I-gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter. | |||||
| CVE-2003-1345 | 1 Follett Software | 1 Webcollection Plus | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter. | |||||
| CVE-2004-1354 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | |||||
| CVE-2003-1373 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php. | |||||
| CVE-2003-1542 | 1 Ondrej Jombik | 1 Phpwebfilemanager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the fm_path parameter. | |||||
| CVE-2003-1465 | 1 Phorum | 1 Phorum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in Phorum 3.4 through 3.4.2 allows remote attackers to read arbitrary files. | |||||
| CVE-2005-1918 | 2 Gnu, Redhat | 4 Tar, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2025-04-03 | 2.6 LOW | N/A |
| The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". | |||||
| CVE-2002-2387 | 1 Mollensoft Software | 1 Hyperion Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command. | |||||
| CVE-2003-1430 | 3 Epic Games, Linux, Microsoft | 3 Unreal Engine, Linux Kernel, All Windows | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. | |||||
| CVE-2001-0925 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex. | |||||
| CVE-2004-2750 | 1 Jbrowser | 1 Jbrowser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in browser.php in JBrowser 1.0 through 2.1 allows remote attackers to read arbitrary files via the directory parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2001-0780 | 1 Cosmicperl | 1 Directory Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter. | |||||
| CVE-2002-2229 | 1 Sapio Design Ltd | 1 Webreflex | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Sapio Design Ltd. WebReflex 1.53 allows remote attackers to read arbitrary files via a .. in an HTTP request. | |||||
| CVE-2004-2717 | 1 Php Heaven | 1 Phpmychat | 2025-04-03 | 2.6 LOW | N/A |
| Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the (1) sheet and (2) What parameters. | |||||
| CVE-2006-2337 | 1 D-link | 1 Dsl-g604t | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. | |||||