Search Results (9582 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-5280 2 Joomla, Joomla-cbe 2 Joomla\!, Com Cbe 2025-04-11 N/A
Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabname parameter in a userProfile action to index.php. NOTE: this can be leveraged to execute arbitrary code by using the file upload feature.
CVE-2010-1980 2 Joomla, Roberto Aloi 2 Joomla\!, Com Joomlaflickr 2025-04-11 N/A
Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2018 1 Bukulokomedia 1 Lokomedia Cms 2025-04-11 N/A
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2010-2033 2 Joomla, Percha 2 Joomla\!, Com Perchacategoriestree 2025-04-11 N/A
Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2036 2 Joomla, Percha 2 Joomla\!, Com Perchafieldsattach 2025-04-11 N/A
Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2259 2 Joomla, Tamlyncreative 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more 2025-04-11 N/A
Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2322 2 Matthias Klose, Redhat 2 Fastjar, Enterprise Linux 2025-04-11 N/A
Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.
CVE-2010-2334 1 Yamamah 1 Yamamah 2025-04-11 N/A
Directory traversal vulnerability in themes/default/download.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter.
CVE-2010-2507 2 Joomla, Masselink 2 Joomla\!, Com Picasa2gallery 2025-04-11 N/A
Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-2695 1 Xlightftpd 1 Xlight Ftp Server 2025-04-11 N/A
Directory traversal vulnerability in the SFTP/SSH2 virtual server in Xlight FTP Server 3.5.0, 3.5.5, and possibly other versions before 3.6 allows remote authenticated users to read, overwrite, or delete arbitrary files via .. (dot dot) sequences in the (1) ls, (2) rm, (3) rename, and other unspecified commands.
CVE-2010-2848 2 Gonzalo Maser, Joomla 2 Com Artforms, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.
CVE-2010-3102 1 3dftp 1 3d-ftp Client 2025-04-11 N/A
Directory traversal vulnerability in SiteDesigner Technologies, Inc. 3D-FTP Client 9.0 build 2, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2010-3103 1 Ftpgetter 1 Ftpgetter 2025-04-11 N/A
Directory traversal vulnerability in FTPGetter Team FTPGetter 3.51.0.05, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2010-3104 1 Deskshare 1 Auto Ftp Manager 2025-04-11 N/A
Directory traversal vulnerability in DeskShare AutoFTP Manager 4.31, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2010-3306 1 Salvo G. Tomaselli 1 Weborf 2025-04-11 N/A
Directory traversal vulnerability in the modURL function in instance.c in Weborf before 0.12.3 allows remote attackers to read arbitrary files via ..%2f sequences in a URI.
CVE-2011-0426 1 Vmware 2 Vcenter, Virtualcenter 2025-04-11 N/A
Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2010-3688 1 Netartmedia 1 Websiteadmin 2025-04-11 N/A
Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA WebSiteAdmin allows remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the lng parameter.
CVE-2010-3692 1 Apereo 1 Phpcas 2025-04-11 N/A
Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.
CVE-2009-4645 1 Accellion 1 Secure File Transfer Appliance 2025-04-11 N/A
Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
CVE-2010-2034 2 Joomla, Percha 2 Joomla\!, Com Perchaimageattach 2025-04-11 N/A
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.