Total
5771 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4524 | 1 Moodle | 1 Moodle | 2023-12-10 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path. | |||||
| CVE-2010-5278 | 1 Modx | 1 Modx Revolution | 2023-12-10 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-4347 | 1 Symantec | 1 Messaging Gateway | 2023-12-10 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do. | |||||
| CVE-2013-5688 | 1 Ajaxplorer | 1 Ajaxplorer | 2023-12-10 | 5.5 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the file parameter in a (1) download or (2) get_content action, or (3) upload arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the dir parameter in an upload action. | |||||
| CVE-2012-4958 | 1 Novell | 1 File Reporter | 2023-12-10 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record. | |||||
| CVE-2010-0746 | 1 Fedoraproject | 1 Fedora | 2023-12-10 | 6.2 MEDIUM | N/A |
| Directory traversal vulnerability in DeviceKit-disks in DeviceKit, as used in Fedora 11 and 12 and possibly other operating systems, allows local users to gain privileges via .. (dot dot) sequences in the label for a pluggable storage device. | |||||
| CVE-2013-3042 | 1 Ibm | 2 Rational Software Architect Design Manager, Rhapsody Design Manager | 2023-12-10 | 2.1 LOW | N/A |
| Directory traversal vulnerability in the server in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files. | |||||
| CVE-2012-4701 | 1 Tridium | 1 Niagara Ax | 2023-12-10 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature. | |||||
| CVE-2013-0679 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2023-12-10 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname. | |||||
| CVE-2013-2978 | 1 Ibm | 1 Cognos Business Intelligence | 2023-12-10 | 2.1 LOW | N/A |
| Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2988. | |||||
| CVE-2012-5687 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2023-12-10 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI. | |||||
| CVE-2012-4356 | 1 Sielcosistemi | 2 Winlog Lite, Winlog Pro | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98. | |||||
| CVE-2012-2435 | 1 Pligg | 1 Pligg Cms | 2023-12-10 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the captcha parameter to module.php, as demonstrated by cross-site request forgery (CSRF) attacks. | |||||
| CVE-2012-4596 | 1 Mcafee | 1 Email Gateway | 2023-12-10 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL. | |||||
| CVE-2013-6000 | 1 Tattyan | 1 Tattyan Hptown | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 allows remote attackers to read arbitrary files via a .. (dot dot) in a request. | |||||
| CVE-2013-3923 | 1 Savysoda | 1 Wifi Free Hd | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request. | |||||
| CVE-2012-5907 | 1 Tomatocart | 1 Tomatocart | 2023-12-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in json.php in TomatoCart 1.2.0 Alpha 2 and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter in a "3" action. | |||||
| CVE-2012-0294 | 1 Symantec | 1 Endpoint Protection | 2023-12-10 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors. | |||||
| CVE-2013-5528 | 1 Cisco | 1 Unified Communications Manager | 2023-12-10 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815. | |||||
| CVE-2012-0987 | 1 Impresscms | 1 Impresscms | 2023-12-10 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the icmsConfigPlugins[sanitizer_plugins][] parameter. | |||||