Search Results (9577 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-5192 1 Bitweaver 1 Bitweaver 2025-04-11 N/A
Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to read arbitrary files via "''%2F" (dot dot encoded slash) sequences in the overlay_type parameter.
CVE-2010-0958 1 Thomas Perez 1 Tribisur 2025-04-11 N/A
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-0944 2 Joomla, Thorsten Riess 2 Joomla\!, Com Jcollection 2025-04-11 N/A
Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2012-5051 1 Vmware 1 Capacityiq 2025-04-11 N/A
Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-1084 1 Novell 1 Zenworks Configuration Management 2025-04-11 N/A
Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename parameter in a GetFile action to zenworks-unmaninv/.
CVE-2013-4900 1 Twilightcms 1 Twilight Cms 2025-04-11 N/A
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
CVE-2010-1081 2 Corejoomla, Joomla 2 Com Communitypolls, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-4153 1 Crossftp 1 Crossftp Pro 2025-04-11 N/A
Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2010-4154 1 Rhinosoft 1 Ftp Voyager 2025-04-11 N/A
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2013-5011 1 Symantec 1 Endpoint Protection 2025-04-11 N/A
Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.
CVE-2010-0759 2 Greatjoomla, Joomla 2 Scriptegrator Plugin, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760.
CVE-2010-0680 1 Zeuscms 1 Zeuscms 2025-04-11 N/A
Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
CVE-2011-4913 2 Linux, Novell 2 Linux Kernel, Suse Linux Enterprise Server 2025-04-11 N/A
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.
CVE-2010-0676 2 Joomla, Weberr 2 Joomla\!, Com Rwcards 2025-04-11 N/A
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter.
CVE-2012-4347 1 Symantec 1 Messaging Gateway 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do.
CVE-2010-4399 1 Dynpg 1 Dynpg 2025-04-11 N/A
Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-4946 2 Joomla, Thetricky 2 Joomla\!, Com Messaging 2025-04-11 N/A
Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter in a messages action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2011-4804 2 Foobla, Joomla 2 Com Obsuggest, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2011-4715 1 Koha 2 Koha, Liblime Koha 2025-04-11 N/A
Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 before 3.6.1, and LibLime Koha 4.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the KohaOpacLanguage cookie to cgi-bin/opac/opac-main.pl, related to Output.pm.
CVE-2011-4712 1 Monoxide0184 1 Oxide Webserver 2025-04-11 N/A
Directory traversal vulnerability in Oxide WebServer allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request.