Total
7186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1380 | 1 Bisonftp | 1 Bisonftp Server 4 | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command. | |||||
| CVE-2002-2154 | 1 Monkey-project | 1 Monkey | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences. | |||||
| CVE-2004-2747 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2025-04-03 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. (dot dot) in the DEL command, which triggers different error messages depending on whether the file exists or not. | |||||
| CVE-2002-2399 | 1 Cascadesoft | 1 W3mail | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | |||||
| CVE-2006-0795 | 1 Thomastsoi | 1 Quirex | 2025-04-03 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the (1) quiz_head, (2) quiz_foot, and (3) template variables. | |||||
| CVE-2004-2745 | 1 Anteco Visual Technologies | 1 Ownserver | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in Anteco Visual Technologies OwnServer 1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2003-1545 | 2 Nukestyles, Phpnuke | 2 Viewpage, Nukestyles Viewpage Module | 2025-04-03 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addon. | |||||
| CVE-2004-1444 | 1 Roundup-tracker | 1 Roundup | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request. | |||||
| CVE-2001-0054 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. | |||||
| CVE-2006-0223 | 1 Topcmm Computing | 1 123 Flash Chat Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attackers to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field. | |||||
| CVE-2006-3360 | 1 Phpsysinfo | 1 Phpsysinfo | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists. | |||||
| CVE-2003-1430 | 3 Epic Games, Linux, Microsoft | 3 Unreal Engine, Linux Kernel, All Windows | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. | |||||
| CVE-2003-1414 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. | |||||
| CVE-2005-1925 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php. | |||||
| CVE-2005-2033 | 1 Blue-collar Productions | 1 I-gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter. | |||||
| CVE-2002-2229 | 1 Sapio Design Ltd | 1 Webreflex | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Sapio Design Ltd. WebReflex 1.53 allows remote attackers to read arbitrary files via a .. in an HTTP request. | |||||
| CVE-2005-0253 | 1 Guillaumegardey | 1 Biborb | 2025-04-03 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to delete arbitrary files via a Delete action and .. (dot dot) sequences in the database_name parameter. | |||||
| CVE-2005-3347 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346. | |||||
| CVE-2002-2240 | 1 Myserver | 1 Myserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request. | |||||