Total
7391 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4694 | 1 Zip Attachments Project | 1 Zip Attachments | 2025-04-12 | 5.0 MEDIUM | 8.6 HIGH |
| Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the za_file parameter. | |||||
| CVE-2014-2626 | 1 Hp | 1 Network Virtualization | 2025-04-12 | 9.4 HIGH | N/A |
| Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024. | |||||
| CVE-2014-9574 | 1 Fluxbb | 1 Fluxbb | 2025-04-12 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang parameter. | |||||
| CVE-2015-0016 | 1 Microsoft | 8 Windows 7, Windows 8, Windows 8.1 and 5 more | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Directory Traversal Elevation of Privilege Vulnerability." | |||||
| CVE-2013-3706 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595. | |||||
| CVE-2014-3578 | 1 Pivotal Software | 1 Spring Framework | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL. | |||||
| CVE-2012-3521 | 1 Qbnz | 1 Geshi | 2025-04-12 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) geshi-path or (2) geshi-lang-path parameter. | |||||
| CVE-2015-5149 | 1 Zohocorp | 1 Manageengine Supportcenter Plus | 2025-04-12 | 5.5 MEDIUM | N/A |
| Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. (dot dot) in the component parameter in the Request component to workorder/Attachment.jsp. | |||||
| CVE-2015-4988 | 1 Ibm | 1 Tealeaf Customer Experience | 2025-04-12 | 7.8 HIGH | 8.6 HIGH |
| Directory traversal vulnerability in the replay server in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2015-8770 | 1 Roundcube | 1 Roundcube Webmail | 2025-04-12 | 6.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. (dot dot) in the _skin parameter to index.php. | |||||
| CVE-2014-5160 | 1 Hp | 1 Data Protector | 2025-04-12 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavior is "by design. | |||||
| CVE-2015-0911 | 1 Dounokouno | 1 Transmitmail | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling. | |||||
| CVE-2015-5482 | 1 Dev4press | 1 Gd Bbpress Attachments | 2025-04-12 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the tab parameter in the gdbbpress_attachments page to wp-admin/edit.php. | |||||
| CVE-2015-2243 | 1 Webshophun | 1 Webshop Hun | 2025-04-12 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Webshop hun 1.062S allows remote attackers to have unspecified impact via directory traversal sequences in the mappa parameter to index.php. | |||||
| CVE-2015-4040 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more | 2025-04-12 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors. | |||||
| CVE-2014-9234 | 1 D-link | 2 Dcs-2103 Hd Cube Network Camera, Dcs-2103 Hd Cube Network Camera Firmware | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cgi-bin/sddownload.cgi in D-link IP camera DCS-2103 with firmware 1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2014-9261 | 1 Codologic | 1 Codoforum | 2025-04-12 | 5.0 MEDIUM | N/A |
| The sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to index.php. | |||||
| CVE-2015-4716 | 2 Microsoft, Owncloud | 3 Windows, Owncloud, Owncloud Server | 2025-04-12 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-7361 | 1 Sap | 2 Cm Services, Cms Services | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in SAP CMS and CM Services allows attackers to upload arbitrary files via unspecified vectors. | |||||
| CVE-2015-6406 | 1 Cisco | 1 Emergency Responder | 2025-04-12 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) allows remote authenticated users to write to arbitrary files via a crafted filename, aka Bug ID CSCuv21781. | |||||