Search Results (9583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4282 1 Artica 1 Pandora Fms 2025-04-11 N/A
Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via (1) the page parameter to ajax.php or (2) the id parameter to general/pandora_help.php, and allow remote attackers to include and execute, create, modify, or delete arbitrary local files via (3) the layout parameter to operation/agentes/networkmap.php.
CVE-2011-4431 1 Merethis 1 Centreon 2025-04-11 N/A
Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter.
CVE-2012-3360 1 Openstack 2 Essex, Folsom 2025-04-11 N/A
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute of a file element.
CVE-2010-4651 1 Gnu 1 Gnu Patch 2025-04-11 N/A
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
CVE-2010-3084 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Enterprise Linux 2025-04-11 N/A
Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.
CVE-2010-4801 1 Baconmap 1 Baconmap 2025-04-11 N/A
Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filepath parameter.
CVE-2010-3910 1 Vtiger 1 Vtiger Crm 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the return_application_language function in include/utils/utils.php in vtiger CRM before 5.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang_crm parameter to phprint.php or (2) the current_language parameter in an Accounts Import action to graph.php.
CVE-2009-4672 2 Grupenet, Wordpress 2 Wp-lytebox, Wordpress 2025-04-11 N/A
Directory traversal vulnerability in main.php in the WP-Lytebox plugin 1.3 for WordPress allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pg parameter.
CVE-2010-3096 1 Softx 1 Ftp Client 2025-04-11 N/A
Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly earlier allows remote FTP servers to write arbitrary files via "..\" (dot dot backslash) sequences in a filename.
CVE-2010-3097 1 Winfrigate 1 Frigate 3 2025-04-11 N/A
Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2011-2468 1 Anymacro 1 Anymacro Mail System 2025-04-11 N/A
Directory traversal vulnerability in the web interface in AnyMacro Mail System G4X allows remote attackers to read arbitrary files via directory traversal sequences in a request.
CVE-2011-2508 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.
CVE-2011-3229 1 Apple 1 Safari 2025-04-11 N/A
Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL.
CVE-2011-3305 1 Cisco 2 Nac Appliance, Nac Manager 2025-04-11 N/A
Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.
CVE-2010-2655 1 Ibm 2 Advanced Management Module, Bladecenter 2025-04-11 N/A
Directory traversal vulnerability in private/file_management.php on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allows remote authenticated users to list arbitrary directories and possibly have unspecified other impact via a .. (dot dot) in the DIR parameter.
CVE-2009-4726 1 Olivier Michaud Pierre-yves 1 Quickdev4php 2025-04-11 N/A
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2010-3098 1 Ftprush 1 Ftprush 2025-04-11 N/A
Directory traversal vulnerability in IoRush Software FTP Rush 1.1.3 and possibly earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2011-4168 1 Hp 1 Managed Printing Administration 2025-04-11 N/A
Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.
CVE-2011-5141 1 Obm 1 Open Business Management 2025-04-11 N/A
Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the module parameter in an export_page action.
CVE-2009-4679 2 Inertialfate, Joomla 2 Com If Nexus, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.