Total
8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1043 | 1 Jaxcms | 1 Jaxcms | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter.
|
|||||
| CVE-2010-5101 | 1 Typo3 | 1 Typo3 | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."
|
|||||
| CVE-2010-4858 | 1 Joerg Risse | 1 Dnet Live-stats | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the showlang parameter.
|
|||||
| CVE-2010-1955 | 2 Joomla, Thefactory | 2 Joomla\!, Com Blogfactory | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2010-1057 | 1 Phpkobo | 1 Adfreely | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a ..// (dot dot slash slash) in the LANG_CODE parameter to common.inc.php in (1) codelib/cfg/, (2) codelib/sys/, (3) staff/, and (4) staff/app/; and (5) staff/file.php. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2011-5208 | 2 Backwpup, Wordpress | 2 Backwpup, Wordpress | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in the BackWPup plugin before 1.4.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the wpabs parameter to (1) app/options-view_log-iframe.php or (2) app/options-runnow-iframe.php.
|
|||||
| CVE-2011-4876 | 1 Siemens | 5 Simatic Hmi Panels, Wincc, Wincc Flexible and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute, read, create, modify, or delete arbitrary files via a .. (dot dot) in a string.
|
|||||
| CVE-2010-1302 | 2 Decryptweb, Joomla | 2 Com Dwgraphs, Joomla\! | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
|||||
| CVE-2010-3456 | 1 Energyscripts | 1 Simple Download | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
|||||
| CVE-2009-4978 | 1 Tufat | 1 Mybackup | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
|
|||||
| CVE-2011-5141 | 1 Obm | 1 Open Business Management | 2025-04-11 | 6.0 MEDIUM | N/A |
|
Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the module parameter in an export_page action.
|
|||||
| CVE-2012-4834 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote attackers to read arbitrary files via a crafted URI.
|
|||||
| CVE-2012-4940 | 1 Gecad | 1 Axigen Free Mail Server | 2025-04-11 | 6.4 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
|
|||||
| CVE-2012-6500 | 1 Pragyan Cms Project | 1 Pragyan Cms | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to index.php.
|
|||||
| CVE-2010-1494 | 2 Awdsolution, Joomla | 2 Com Awdwall, Joomla\! | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2011-4831 | 1 David Azoulay | 1 Web File Browser | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action.
|
|||||
| CVE-2010-2259 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2012-2597 | 1 Siemens | 1 Wincc | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL.
|
|||||
| CVE-2010-0146 | 1 Cisco | 1 Security Agent | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.
|
|||||
| CVE-2011-4717 | 1 Zftpserver | 1 Zftpserver Suite | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.
|
|||||
| CVE-2013-3598 | 1 Searchblox | 1 Searchblox | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.
|
|||||
| CVE-2012-4878 | 1 Flatnux | 1 Flatnux | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action.
|
|||||
| CVE-2010-1531 | 2 Joomla, Redcomponent | 2 Joomla\!, Com Redshop | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
|||||
| CVE-2010-4369 | 1 Awstats | 1 Awstats | 2025-04-11 | 6.4 MEDIUM | N/A |
|
Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory.
|
|||||
| CVE-2013-6821 | 1 Sap | 1 Netweaver | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors.
|
|||||
| CVE-2012-5969 | 1 Huawei | 2 E585, E585u-82 | 2025-04-11 | 4.8 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi.
|
|||||
| CVE-2010-1267 | 1 Kjetiltroan | 1 Webmaid Cms | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the com parameter to (1) cContactus.php, (2) cGuestbook.php, and (3) cArticle.php.
|
|||||
| CVE-2011-1589 | 1 Mojolicious | 1 Mojolicious | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
|
|||||
| CVE-2010-0396 | 1 Debian | 1 Dpkg | 2025-04-11 | 5.8 MEDIUM | N/A |
|
Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive.
|
|||||
| CVE-2011-4643 | 1 Splunk | 1 Splunk | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.
|
|||||
| CVE-2010-1537 | 1 Francois Bissonnette | 1 Phpcdb | 2025-04-11 | 7.5 HIGH | N/A |
|
Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang_global parameter to (1) firstvisit.php, (2) newfolder.php, (3) showfolders.php, (4) newlang.php, (5) showinnerfolder.php, (6) writecode.php, and (7) showcode.php.
|
|||||
| CVE-2013-6987 | 1 Synology | 1 Diskstation Manager | 2025-04-11 | 7.5 HIGH | N/A |
|
Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary files via a .. (dot dot) in the (1) path parameter to file_delete.cgi or (2) folder_path parameter to file_share.cgi in webapi/FileStation/; (3) dlink parameter to fbdownload/; or unspecified parameters to (4) html5_upload.cgi, (5) file_download.cgi, (6) file_sharing.cgi, (7) file_MVCP.cgi, or (8) fil ...
Show More |
|||||
| CVE-2013-7300 | 1 Craig Drummond | 1 Cantata | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301.
|
|||||
| CVE-2011-4813 | 1 Whmcs | 1 Whmcompletesolution | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in clientarea.php in WHMCompleteSolution (WHMCS) 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ (dot dot slash) in the templatefile parameter.
|
|||||
| CVE-2010-3910 | 1 Vtiger | 1 Vtiger Crm | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in the return_application_language function in include/utils/utils.php in vtiger CRM before 5.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang_crm parameter to phprint.php or (2) the current_language parameter in an Accounts Import action to graph.php.
|
|||||
| CVE-2010-1602 | 2 Joomla, Zimbllc | 2 Joomla\!, Com Zimbcomment | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2010-2050 | 2 Joomla, M0r0n | 2 Joomla\!, Com Mscomment | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2010-1723 | 2 Joomla, Joomlacomponent.inetlanka | 2 Joomla\!, Com Drawroot | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2010-1298 | 1 Pulsecms | 1 Pulse Cms | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to read arbitrary files via directory traversal sequences in the f parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2009-4790 | 1 Sysax | 1 Multi Server | 2025-04-11 | 9.0 HIGH | N/A |
|
Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||