Total
5774 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1373 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php. | |||||
CVE-2003-1351 | 1 Greg Billock | 1 Edittag | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter. | |||||
CVE-2004-1354 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 5.0 MEDIUM | N/A |
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | |||||
CVE-2003-1542 | 1 Ondrej Jombik | 1 Phpwebfilemanager | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the fm_path parameter. | |||||
CVE-2002-2154 | 1 Monkey-project | 1 Monkey | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences. | |||||
CVE-2002-2240 | 1 Myserver | 1 Myserver | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request. | |||||
CVE-2002-2256 | 1 Pwins | 1 Pwins | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to read arbitrary files via Unicode characters. | |||||
CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2023-12-10 | 4.3 MEDIUM | N/A |
parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | |||||
CVE-2003-1430 | 3 Epic Games, Linux, Microsoft | 3 Unreal Engine, Linux Kernel, All Windows | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. | |||||
CVE-2003-1465 | 1 Phorum | 1 Phorum | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in download.php in Phorum 3.4 through 3.4.2 allows remote attackers to read arbitrary files. | |||||
CVE-2004-1364 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2023-12-10 | 8.5 HIGH | N/A |
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. | |||||
CVE-2004-0175 | 1 Openbsd | 1 Openssh | 2023-12-10 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992. | |||||
CVE-2002-2416 | 1 Zeroo | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request. | |||||
CVE-2003-1501 | 1 Gast Arbeiter | 1 Gast Arbeiter | 2023-12-10 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in the file upload CGI of Gast Arbeiter 1.3 allows remote attackers to write arbitrary files via a .. (dot dot) in the req_file parameter. |