Total
7137 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6500 | 1 Pragyan Cms Project | 1 Pragyan Cms | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to index.php. | |||||
| CVE-2010-4181 | 1 Yaws | 1 Yaws | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences. | |||||
| CVE-2010-0620 | 1 Emc | 1 Homebase Server | 2025-04-11 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter. | |||||
| CVE-2010-1607 | 2 Joomla, Paysyspro | 2 Joomla\!, Com Wmi | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-2307 | 1 Motorola | 1 Surfboard Sbv6120e | 2025-04-11 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request. | |||||
| CVE-2010-2797 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple before 1.8.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addbookmark.php, a different vulnerability than CVE-2008-5642. | |||||
| CVE-2011-2718 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-11 | 6.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php. | |||||
| CVE-2010-2096 | 1 Cmsqlite | 1 Cmsqlite | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter. | |||||
| CVE-2010-1340 | 2 Joomla, Joomla-research | 2 Joomla\!, Com Jresearch | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2014-1698 | 1 Siemens | 1 Simatic Wincc Open Architecture | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999. | |||||
| CVE-2013-0141 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-11 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory. | |||||
| CVE-2011-4643 | 1 Splunk | 1 Splunk | 2025-04-11 | 4.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243. | |||||
| CVE-2010-1652 | 1 Helpcenterlive | 1 Hcl | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5278 | 1 Modx | 1 Modx Revolution | 2025-04-11 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-1099 | 1 Focalmedia.net | 1 Quick Polls | 2025-04-11 | 5.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p parameter in a delete action to index.php. | |||||
| CVE-2009-5089 | 1 Ideacart | 1 Ideacart | 2025-04-11 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in IdeaCart 0.02 and 0.02a allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | |||||
| CVE-2010-4153 | 1 Crossftp | 1 Crossftp Pro | 2025-04-11 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. | |||||
| CVE-2010-1462 | 1 Webasyst Llc | 1 Shop-script | 2025-04-11 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter. | |||||
| CVE-2010-3306 | 1 Salvo G. Tomaselli | 1 Weborf | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the modURL function in instance.c in Weborf before 0.12.3 allows remote attackers to read arbitrary files via ..%2f sequences in a URI. | |||||
| CVE-2012-1024 | 1 Dream-multimedia-tv | 1 Enigma2 Webinterface | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||