Total
7129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2104 | 1 Orbitdownloader | 1 Orbit Downloader | 2025-04-11 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and 3.0.0.5 allows user-assisted remote attackers to write arbitrary files via a metalink file containing directory traversal sequences in the name attribute of a file element. | |||||
| CVE-2013-1224 | 1 Cisco | 1 Unified Customer Voice Portal | 2025-04-11 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369. | |||||
| CVE-2012-2968 | 1 Caucho | 1 Resin | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request. | |||||
| CVE-2010-0831 | 1 Matthias Klose | 1 Fastjar | 2025-04-11 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619. | |||||
| CVE-2010-0943 | 2 Joomla, Joomlart | 2 Joomla\!, Com Jashowcase | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php. | |||||
| CVE-2011-5127 | 2 Bluecoat, Microsoft | 2 Reporter, Windows | 2025-04-11 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request. | |||||
| CVE-2010-3606 | 1 Netartmedia | 1 Real Estate Portal | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters. | |||||
| CVE-2011-2657 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument. | |||||
| CVE-2010-1533 | 2 Joomla, Peter Hocherl | 2 Joomla\!, Com Tweetla | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-3688 | 1 Netartmedia | 1 Websiteadmin | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA WebSiteAdmin allows remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the lng parameter. | |||||
| CVE-2014-1833 | 1 Devscripts Devel Team | 1 Devscripts | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink. | |||||
| CVE-2013-0262 | 1 Rack Project | 1 Rack | 2025-04-11 | 4.3 MEDIUM | N/A |
| rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka "symlink path traversals." | |||||
| CVE-2011-4716 | 1 Dream-multimedia-tv | 4 Dreambox Dm800 Hd Pvr, Dreambox Dm800 Hd Pvr Firmware, Dreambox Dm800 Hd Se and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter. | |||||
| CVE-2011-0063 | 1 Mj2 | 1 Majordomo 2 | 2025-04-11 | 5.0 MEDIUM | N/A |
| The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./.../ sequence in the "extra" parameter to the help command, which causes the regular expression to produce .. (dot dot) sequences. NOTE: this vulnerability is due to an incomplete fix for CVE-2011-0049. | |||||
| CVE-2013-2981 | 1 Ibm | 1 Data Studio | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2010-2259 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-2266 | 1 F5 | 1 Nginx | 2025-04-11 | 5.0 MEDIUM | N/A |
| nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence. | |||||
| CVE-2011-4807 | 1 Phpalbum | 1 Phpalbum | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter. | |||||
| CVE-2012-1790 | 1 Webgrind Project | 1 Webgrind | 2025-04-11 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php. | |||||
| CVE-2011-0505 | 1 Remi Jean | 1 Zwii | 2025-04-11 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the set[template][value] parameter. | |||||