Total
5771 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-0911 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases. | |||||
CVE-2012-2919 | 1 Chevereto | 1 Chevereto | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Upload/engine.php in Chevereto 1.9.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the v parameter. | |||||
CVE-2013-5751 | 1 Sap | 1 Netweaver | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors. | |||||
CVE-2013-1079 | 1 Novell | 1 Zenworks Configuration Management | 2023-12-10 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 through 11.2 allows remote attackers to execute arbitrary local DLL files via a crafted web page that also calls the Initialize method. | |||||
CVE-2013-1469 | 1 Piwigo | 1 Piwigo | 2023-12-10 | 4.0 MEDIUM | N/A |
Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter. | |||||
CVE-2012-6038 | 1 Razorcms | 1 Razorcms | 2023-12-10 | 6.5 MEDIUM | N/A |
admin/core/admin_func.php in razorCMS before 1.2.1 does not properly restrict access to certain administrator directories and files, which allows remote authenticated users to read, edit, rename, move, copy and delete files via the (1) dir parameter in a fileman or (2) filemanview action. NOTE: this issue has been referred to as a "path traversal." | |||||
CVE-2012-3588 | 1 Wordpress | 2 Plugin Newsletter Plugin, Wordpress | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter. | |||||
CVE-2012-4878 | 1 Flatnux | 1 Flatnux | 2023-12-10 | 5.0 MEDIUM | N/A |
Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action. | |||||
CVE-2013-3504 | 1 Gwos | 1 Groundwork Monitor | 2023-12-10 | 5.5 MEDIUM | N/A |
Directory traversal vulnerability in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to overwrite arbitrary files by leveraging access to the nagios account. | |||||
CVE-2013-3654 | 1 Lockon | 1 Ec-cube | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_FormParam.php, a different vulnerability than CVE-2013-3650. | |||||
CVE-2012-6276 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2023-12-10 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter. | |||||
CVE-2013-5301 | 1 Trustport | 1 Webfilter | 2023-12-10 | 7.8 HIGH | N/A |
Directory traversal vulnerability in help.php in Trustport Webfilter 5.5.0.2232 allows remote attackers to read arbitrary files via a .. (dot dot) in the hf parameter. | |||||
CVE-2010-5102 | 1 Typo3 | 1 Typo3 | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in mod/tools/em/class.em_unzip.php in the unzip library in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote attackers to write arbitrary files via unspecified vectors. | |||||
CVE-2012-0186 | 1 Ibm | 1 Lotus Expeditor | 2023-12-10 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in the Eclipse Help component in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows remote attackers to discover the locations of files via a crafted URL. | |||||
CVE-2012-2194 | 1 Ibm | 1 Db2 | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors. | |||||
CVE-2013-1082 | 1 Novell | 1 Zenworks Mobile Management | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter. | |||||
CVE-2014-0803 | 2 Google, Yuichiro Okuyama | 3 Android, Tetra Filer, Tetra Filer Free | 2023-12-10 | 5.8 MEDIUM | N/A |
Directory traversal vulnerability in the tetra filer application 2.3.1 and earlier for Android 4.0.3, tetra filer free application 2.3.1 and earlier for Android 4.0.3, tetra filer application 1.5.1 and earlier for Android before 4.0.3, and tetra filer free application 1.5.1 and earlier for Android before 4.0.3 allows attackers to overwrite or create arbitrary files via unspecified vectors. | |||||
CVE-2013-0262 | 1 Rack Project | 1 Rack | 2023-12-10 | 4.3 MEDIUM | N/A |
rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka "symlink path traversals." | |||||
CVE-2012-4135 | 1 Cisco | 1 Nx-os | 2023-12-10 | 4.6 MEDIUM | N/A |
Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275. | |||||
CVE-2012-6064 | 1 Cmsmadesimple | 1 Cms Made Simple | 2023-12-10 | 3.5 LOW | N/A |
Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files. |