Total
8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2425 | 1 Southrivertech | 1 Titan Ftp Server | 2025-04-11 | 6.5 MEDIUM | N/A |
|
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
|
|||||
| CVE-2010-4181 | 1 Yaws | 1 Yaws | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
|
|||||
| CVE-2012-1050 | 1 Mathopd | 1 Mathopd | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the * construct for mass virtual hosting, allows remote attackers to read arbitrary files via a crafted Host header.
|
|||||
| CVE-2010-2695 | 1 Xlightftpd | 1 Xlight Ftp Server | 2025-04-11 | 6.5 MEDIUM | N/A |
|
Directory traversal vulnerability in the SFTP/SSH2 virtual server in Xlight FTP Server 3.5.0, 3.5.5, and possibly other versions before 3.6 allows remote authenticated users to read, overwrite, or delete arbitrary files via .. (dot dot) sequences in the (1) ls, (2) rm, (3) rename, and other unspecified commands.
|
|||||
| CVE-2009-5089 | 1 Ideacart | 1 Ideacart | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Directory traversal vulnerability in index.php in IdeaCart 0.02 and 0.02a allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
|
|||||
| CVE-2010-0957 | 1 Saskia Bruckner | 1 Saskias Shopsystem | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter.
|
|||||
| CVE-2012-0365 | 1 Cisco | 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more | 2025-04-11 | 9.0 HIGH | N/A |
|
Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009.
|
|||||
| CVE-2011-4640 | 1 Spamtitan | 1 Webtitan | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the fname parameter in a view action.
|
|||||
| CVE-2010-1304 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Userstatus | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2013-3658 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | 9.4 HIGH | N/A |
|
Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors.
|
|||||
| CVE-2010-0620 | 1 Emc | 1 Homebase Server | 2025-04-11 | 9.3 HIGH | N/A |
|
Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter.
|
|||||
| CVE-2011-3171 | 2 Pureftpd, Suse | 3 Pure-ftpd, Linux Enterprise Desktop, Linux Enterprise Server | 2025-04-11 | 3.6 LOW | N/A |
|
Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors.
|
|||||
| CVE-2010-1306 | 2 Joomla, Roberto Aloi | 2 Joomla\!, Com Joomlapicasa2 | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2010-1312 | 2 Ijoomla, Joomla | 2 Com News Portal, Joomla\! | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2010-5286 | 2 Joobi, Joomla | 2 Com Jstore, Joomla\! | 2025-04-11 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2013-5107 | 1 Rockmongo | 1 Rockmongo | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ROCK_LANG cookie, as demonstrated in a login.index action to index.php.
|
|||||
| CVE-2009-4952 | 2 Serge Gebhardt, Typo3 | 2 Dir Listing, Typo3 | 2025-04-11 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in the Directory Listing (dir_listing) extension 1.1.0 and earlier for TYPO3 allows remote attackers to have an unspecified impact via unknown vectors.
|
|||||
| CVE-2010-0943 | 2 Joomla, Joomlart | 2 Joomla\!, Com Jashowcase | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
|
|||||
| CVE-2010-1601 | 2 Joomla, Joomlamart | 2 Joomla\!, Com Jacomment | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
|||||
| CVE-2011-5217 | 1 Hitachi | 2 Jp1\/serverconductor\/deploymentmanager, Serverconductor\/deploymentmanager | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the PXE Mtftp service in Hitachi JP1/ServerConductor/DeploymentManager before 08-55 Japanese and before 08-51 English allows remote attackers to read arbitrary files via unknown vectors.
|
|||||
| CVE-2010-4769 | 2 Janguo, Joomla | 2 Com Jimtawl, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php.
|
|||||
| CVE-2012-6276 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.
|
|||||
| CVE-2010-1952 | 2 Cmstactics, Joomla | 3 Com Beeheard, Com Beeheardlite, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2013-1645 | 1 Open-xchange | 1 Open-xchange Server | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the publication template path.
|
|||||
| CVE-2012-1089 | 1 Apache | 1 Wicket | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.
|
|||||
| CVE-2010-0613 | 1 Arwscripts | 1 Fonts Script | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers to read arbitrary local files via directory traversal sequences in a base64-encoded f parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
|
|||||
| CVE-2010-1951 | 1 60cyclecms Project | 1 60cyclecms | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the DOCUMENT_ROOT parameter to (1) news.php, (2) submitComment.php, and (3) sqlConnect.php.
|
|||||
| CVE-2009-5067 | 1 Html2ps Project | 1 Html2ps | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a user-assisted attacker provides filenames whose contents could cause a denial of service, such as certain devices.
|
|||||
| CVE-2010-4719 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
|||||
| CVE-2010-4931 | 1 Php-fusion | 1 Php-fusion | 2025-04-11 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party
|
|||||
| CVE-2009-5087 | 1 Geovision | 1 Digital Surveillance System | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in geohttpserver in Geovision Digital Video Surveillance System 8.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET request.
|
|||||
| CVE-2012-2968 | 1 Caucho | 1 Resin | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request.
|
|||||
| CVE-2010-1219 | 2 Com Janews, Joomla | 2 Com Janews, Joomla | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2010-0933 | 1 Perforce | 1 Perforce Server | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (dot dot) in the argument to the "p4 add" command.
|
|||||
| CVE-2010-0759 | 2 Greatjoomla, Joomla | 2 Scriptegrator Plugin, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.
|
|||||
| CVE-2013-0671 | 1 Siemens | 1 Wincc Tia Portal | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
|
|||||
| CVE-2010-1471 | 2 B-elektro, Joomla | 2 Com Addressbook, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
|
Directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
|||||
| CVE-2011-0203 | 1 Apple | 1 Mac Os X Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing.
|
|||||
| CVE-2012-1712 | 1 Oracle | 1 Glassfish Web Space Server10.0 | 2025-04-11 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors.
|
|||||
| CVE-2011-1565 | 1 7t | 1 Igss | 2025-04-11 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401.
|
|||||