Total
6077 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2010-0958 | 1 Thomas Perez | 1 Tribisur | 2010-06-17 | N/A |
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information. | ||||
CVE-2010-0799 | 1 Perlunity | 1 Phpunity.newsmanager | 2010-06-17 | N/A |
Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | ||||
CVE-2010-0680 | 1 Zeuscms | 1 Zeuscms | 2010-06-17 | N/A |
Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | ||||
CVE-2009-4679 | 2 Inertialfate, Joomla | 2 Com If Nexus, Joomla\! | 2010-06-17 | N/A |
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
CVE-2009-4434 | 1 Idevspot | 1 Isupport | 2010-06-17 | N/A |
Directory traversal vulnerability in index.php in IDevSpot iSupport 1.8 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter. | ||||
CVE-2010-1312 | 2 Ijoomla, Joomla | 2 Com News Portal, Joomla\! | 2010-04-22 | N/A |
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
CVE-2010-0613 | 1 Arwscripts | 1 Fonts Script | 2010-03-26 | N/A |
Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers to read arbitrary local files via directory traversal sequences in a base64-encoded f parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2008-6505 | 1 Apache | 1 Struts | 2009-08-19 | N/A |
Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot dot slash) in a URI with a /struts/ path, related to (1) FilterDispatcher in 2.0.x and (2) DefaultStaticContentLoader in 2.1.x. | ||||
CVE-2009-2658 | 1 Znc | 1 Znc | 2009-08-12 | N/A |
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request. | ||||
CVE-2009-2659 | 1 Django Project | 1 Django | 2009-08-12 | N/A |
The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL. | ||||
CVE-2009-2449 | 1 Adbnewssender | 1 Adbnewssender | 2009-07-22 | N/A |
Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter. | ||||
CVE-2009-1161 | 1 Cisco | 10 Ciscoworks Common Services, Ciscoworks Health And Utilization Monitor, Ciscoworks Lan Management Solution and 7 more | 2009-06-09 | N/A |
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors. | ||||
CVE-2009-1148 | 1 Phpmyadmin | 1 Phpmyadmin | 2009-04-16 | N/A |
Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file_path parameter ($filename variable). | ||||
CVE-2004-2717 | 1 Php Heaven | 1 Phpmychat | 2009-04-03 | N/A |
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the (1) sheet and (2) What parameters. | ||||
CVE-2007-6376 | 1 Francisco Burzi | 1 Php-nuke | 2008-11-15 | N/A |
Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filename parameter, a different vector than CVE-2006-4190. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
CVE-2006-2758 | 1 Jetty | 1 Jetty | 2008-09-05 | N/A |
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747. | ||||
CVE-2002-2403 | 1 Key Focus | 1 Kf Web Server | 2008-09-05 | N/A |
Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences. |