Total
5830 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-4426 | 1 Launchpad | 1 Ignition | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php. | |||||
CVE-2010-4399 | 1 Dynpg | 1 Dynpg | 2023-12-10 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-4790 | 1 In-mediakg | 1 Filterftp | 2023-12-10 | 5.8 MEDIUM | N/A |
Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4726 | 1 Olivier Michaud Pierre-yves | 1 Quickdev4php | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
CVE-2010-1057 | 1 Phpkobo | 1 Adfreely | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a ..// (dot dot slash slash) in the LANG_CODE parameter to common.inc.php in (1) codelib/cfg/, (2) codelib/sys/, (3) staff/, and (4) staff/app/; and (5) staff/file.php. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-3098 | 1 Ftprush | 1 Ftprush | 2023-12-10 | 9.3 HIGH | N/A |
Directory traversal vulnerability in IoRush Software FTP Rush 1.1.3 and possibly earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename. | |||||
CVE-2011-4810 | 1 Whmcs | 1 Whmcompletesolution | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php. | |||||
CVE-2010-4867 | 1 W-agora | 1 W-agora | 2023-12-10 | 7.5 HIGH | N/A |
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bn parameter. | |||||
CVE-2011-1586 | 1 Kde | 1 Kde Sc | 2023-12-10 | 5.8 MEDIUM | N/A |
Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000. | |||||
CVE-2012-1221 | 1 Rabidhamster | 2 R2\/, R2\/extreme | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the telnet server in RabidHamster R2/Extreme 1.65 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the File command. | |||||
CVE-2011-4716 | 1 Dream-multimedia-tv | 4 Dreambox Dm800 Hd Pvr, Dreambox Dm800 Hd Pvr Firmware, Dreambox Dm800 Hd Se and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter. | |||||
CVE-2010-1466 | 1 Francois Raynaud | 1 Openurgence Vaccin | 2023-12-10 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter. | |||||
CVE-2010-3450 | 3 Apache, Canonical, Debian | 3 Openoffice, Ubuntu Linux, Debian Linux | 2023-12-10 | 9.3 HIGH | N/A |
Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files. | |||||
CVE-2011-3500 | 1 Cogentdatahub | 1 Cogent Datahub | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request. | |||||
CVE-2010-2018 | 1 Bukulokomedia | 1 Lokomedia Cms | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
CVE-2010-1719 | 2 Joomla, Moto-treks | 2 Joomla\!, Com Mtfireeagle | 2023-12-10 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
CVE-2011-0329 | 1 Dell | 1 Dellsystemlite.scanner Activex Control | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter. | |||||
CVE-2010-2676 | 1 Openwebanalytics | 1 Open Web Analytics | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the (1) owa_action and (2) owa_do parameters. | |||||
CVE-2010-1951 | 1 60cyclecms Project | 1 60cyclecms | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the DOCUMENT_ROOT parameter to (1) news.php, (2) submitComment.php, and (3) sqlConnect.php. | |||||
CVE-2010-2307 | 1 Motorola | 1 Surfboard Sbv6120e | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request. |