Total
7203 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4957 | 1 Novell | 1 File Reporter | 2025-04-11 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record. | |||||
| CVE-2010-1928 | 1 Openmairie | 1 Openplanning | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in scr/soustab.php in openMairie openPlanning 1.00, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069. | |||||
| CVE-2010-0676 | 2 Joomla, Weberr | 2 Joomla\!, Com Rwcards | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter. | |||||
| CVE-2010-3103 | 1 Ftpgetter | 1 Ftpgetter | 2025-04-11 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in FTPGetter Team FTPGetter 3.51.0.05, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. | |||||
| CVE-2013-5107 | 1 Rockmongo | 1 Rockmongo | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ROCK_LANG cookie, as demonstrated in a login.index action to index.php. | |||||
| CVE-2010-3104 | 1 Deskshare | 1 Auto Ftp Manager | 2025-04-11 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in DeskShare AutoFTP Manager 4.31, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. | |||||
| CVE-2010-0467 | 2 Chillcreations, Joomla | 2 Com Ccnewsletter, Joomla\! | 2025-04-11 | 5.0 MEDIUM | 5.8 MEDIUM |
| Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php. | |||||
| CVE-2013-3504 | 1 Gwos | 1 Groundwork Monitor | 2025-04-11 | 5.5 MEDIUM | N/A |
| Directory traversal vulnerability in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to overwrite arbitrary files by leveraging access to the nagios account. | |||||
| CVE-2011-0049 | 1 Mj2 | 1 Majordomo 2 | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface. | |||||
| CVE-2013-5219 | 1 Hot | 2 Hotbox Router, Hotbox Router Firmware | 2025-04-11 | 3.3 LOW | N/A |
| Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd. | |||||
| CVE-2010-1062 | 1 Phpkobo | 1 Free Real Estate Contact Form Script | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1926 | 1 Openmairie | 1 Opencourrier | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in scr/soustab.php in openMairie openCourrier 2.02 and 2.03 beta, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-0725 | 2 Canonical, Sebastian Heinlein | 2 Ubuntu Linux, Aptdaemon | 2025-04-11 | 4.9 MEDIUM | N/A |
| Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface. | |||||
| CVE-2010-4801 | 1 Baconmap | 1 Baconmap | 2025-04-11 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filepath parameter. | |||||
| CVE-2010-1658 | 1 Code-garage | 1 Com Noticeboard | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2012-5331 | 1 Nasir Khan | 1 Asaancart | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in asaanCart 0.9 allows remote attackers to include arbitrary local files via a .. (dot dot) in the page parameter to index.php. | |||||
| CVE-2010-3487 | 1 Yellosoft | 1 Pinky | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in YelloSoft Pinky 1.0 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL. | |||||
| CVE-2012-2202 | 1 Ibm | 3 Lotus Protector For Mail Security, Proventia Network Mail Security System, Proventia Network Mail Security System Firmware | 2025-04-11 | 3.5 LOW | N/A |
| Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter. | |||||
| CVE-2013-5021 | 2 Abb, Ni | 5 Datamanager, Labview, Labwindows and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and earlier, the Data Analysis component in ABB DataManager 1 through 6.3.6, and other products allow remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method in the (1) CWNumEdit, (2) CWGraph, (3) CWBoolean, (4) CWSlide, or (5) CWKnob ActiveX control, in conjunction with file content in the (a) Caption or (b) FormatString property value. | |||||
| CVE-2011-4675 | 1 Widelands | 1 Widelands | 2025-04-11 | 6.4 MEDIUM | N/A |
| The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 expands leading ~ (tilde) characters to home-directory pathnames but does not restrict use of these characters in strings received from the network, which might allow remote attackers to conduct absolute path traversal attacks and overwrite arbitrary files via a ~ in a pathname that is used for a file transfer in an Internet game, a different vulnerability than CVE-2011-1932. | |||||