Vulnerabilities (CVE)

Filtered by CWE-22
Total 5713 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-3305 1 Ibm 1 Websphere Application Server 2023-12-10 6.4 MEDIUM N/A
Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file.
CVE-2009-5067 1 Html2ps Project 1 Html2ps 2023-12-10 4.3 MEDIUM N/A
Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a user-assisted attacker provides filenames whose contents could cause a denial of service, such as certain devices.
CVE-2013-0895 4 Apple, Google, Linux and 1 more 4 Mac Os X, Chrome, Linux Kernel and 1 more 2023-12-10 7.5 HIGH N/A
Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors.
CVE-2013-1608 1 Symantec 1 Netbackup Appliance 2023-12-10 6.7 MEDIUM N/A
Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-6069 1 3s-software 1 Codesys Runtime System 2023-12-10 10.0 HIGH N/A
Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x allows remote attackers to read, overwrite, or create arbitrary files via a .. (dot dot) in a request to the TCP listener service.
CVE-2011-5127 2 Bluecoat, Microsoft 2 Reporter, Windows 2023-12-10 10.0 HIGH N/A
Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request.
CVE-2013-3650 1 Lockon 1 Ec-cube 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in the lfCheckFileName function in data/class/pages/LC_Page_ResizeImage.php in LOCKON EC-CUBE before 2.12.5 allows remote attackers to read arbitrary image files via vectors involving the image parameter to resize_image.php, a different vulnerability than CVE-2013-3654.
CVE-2011-5210 1 Limny 1 Limny 2023-12-10 6.8 MEDIUM N/A
Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the theme parameter.
CVE-2013-5979 1 Springsignage 1 Xibo 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter to index.php.
CVE-2012-2227 1 Pluxml 1 Pluxml 2023-12-10 7.5 HIGH N/A
Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter.
CVE-2012-2208 1 Piwigo 1 Piwigo 2023-12-10 7.5 HIGH N/A
Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
CVE-2012-0410 1 Novell 1 Groupwise 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.
CVE-2012-5331 1 Nasir Khan 1 Asaancart 2023-12-10 6.8 MEDIUM N/A
Directory traversal vulnerability in asaanCart 0.9 allows remote attackers to include arbitrary local files via a .. (dot dot) in the page parameter to index.php.
CVE-2012-1841 2 Dell, Quantum 7 Powervault Ml6000, Powervault Ml6000 Firmware, Powervault Ml6010 and 4 more 2023-12-10 5.0 MEDIUM N/A
Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter.
CVE-2012-4131 1 Cisco 1 Nx-os 2023-12-10 4.6 MEDIUM N/A
Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164.
CVE-2013-2560 1 Foscam 1 Fi8919w 2023-12-10 7.8 HIGH N/A
Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials.
CVE-2012-2181 1 Ibm 1 Websphere Portal 2023-12-10 5.0 MEDIUM N/A
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.
CVE-2012-6495 1 Moinmo 1 Moinmoin 2023-12-10 6.0 MEDIUM N/A
Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged with CVE-2012-6081 to execute arbitrary code.
CVE-2013-0831 2 Google, Opensuse 2 Chrome, Opensuse 2023-12-10 7.5 HIGH N/A
Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process.
CVE-2012-1112 1 Open-realty 1 Open-realty 2023-12-10 6.8 MEDIUM N/A
Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the select_users_template parameter to index.php.