Total
7155 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4001 | 1 Mawashimono | 1 Nikki | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to read and modify arbitrary files via unspecified vectors. | |||||
| CVE-2010-0533 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors. | |||||
| CVE-2013-0831 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process. | |||||
| CVE-2010-0957 | 1 Saskia Bruckner | 1 Saskias Shopsystem | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter. | |||||
| CVE-2013-6864 | 1 Sybase | 1 Adaptive Server Enterprise | 2025-04-11 | 6.1 MEDIUM | N/A |
| Directory traversal vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to affect confidentiality, integrity, and availability via unspecified vectors. | |||||
| CVE-2010-4634 | 1 Osticket | 1 Osticket | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php, a different vector than CVE-2005-1439. NOTE: this issue has been disputed by a reliable third party | |||||
| CVE-2012-0365 | 1 Cisco | 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more | 2025-04-11 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009. | |||||
| CVE-2011-2653 | 1 Novell | 1 Zenworks Asset Management | 2025-04-11 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file. | |||||
| CVE-2013-4524 | 1 Moodle | 1 Moodle | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path. | |||||
| CVE-2012-4506 | 2 Gitolite, Sitaram Chamarty | 2 Gitolite, Gitolite | 2025-04-11 | 4.6 MEDIUM | N/A |
| Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name. | |||||
| CVE-2012-5907 | 1 Tomatocart | 1 Tomatocart | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in json.php in TomatoCart 1.2.0 Alpha 2 and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter in a "3" action. | |||||
| CVE-2010-1003 | 1 Efrontlearning | 1 Efront | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in www/editor/tiny_mce/langs/language.php in eFront 3.5.x through 3.5.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langname parameter. | |||||
| CVE-2013-1608 | 1 Symantec | 1 Netbackup Appliance | 2025-04-11 | 6.7 MEDIUM | N/A |
| Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2011-5210 | 1 Limny | 1 Limny | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the theme parameter. | |||||
| CVE-2013-6827 | 1 Pineapp | 1 Mail-secure | 2025-04-11 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote attackers to read arbitrary files via a full pathname in the msg parameter. | |||||
| CVE-2013-3654 | 1 Lockon | 1 Ec-cube | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_FormParam.php, a different vulnerability than CVE-2013-3650. | |||||
| CVE-2009-4723 | 1 Netpet | 1 Netpet Cms | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||||
| CVE-2012-2227 | 1 Pluxml | 1 Pluxml | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter. | |||||
| CVE-2012-6038 | 1 Razorcms | 1 Razorcms | 2025-04-11 | 6.5 MEDIUM | N/A |
| admin/core/admin_func.php in razorCMS before 1.2.1 does not properly restrict access to certain administrator directories and files, which allows remote authenticated users to read, edit, rename, move, copy and delete files via the (1) dir parameter in a fileman or (2) filemanview action. NOTE: this issue has been referred to as a "path traversal." | |||||
| CVE-2024-9675 | 2 Buildah Project, Redhat | 14 Buildah, Enterprise Linux, Enterprise Linux Eus and 11 more | 2025-04-10 | N/A | 7.8 HIGH |
| A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. | |||||