Total
7984 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4813 | 1 Whmcs | 1 Whmcompletesolution | 2025-04-11 | N/A |
| Directory traversal vulnerability in clientarea.php in WHMCompleteSolution (WHMCS) 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ (dot dot slash) in the templatefile parameter. | ||||
| CVE-2013-7174 | 1 Qnap | 1 Qts | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter. | ||||
| CVE-2012-2227 | 1 Pluxml | 1 Pluxml | 2025-04-11 | N/A |
| Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter. | ||||
| CVE-2010-0926 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-11 | N/A |
| The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options. | ||||
| CVE-2013-4702 | 1 Lockon | 1 Ec-cube | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in the doApiAction function in data/class/api/SC_Api_Operation.php in LOCKON EC-CUBE 2.12.0 through 2.12.5 on Windows allow remote attackers to read arbitrary files via vectors involving a (1) Operation, (2) Service, (3) Style, (4) Validate, or (5) Version value. | ||||
| CVE-2013-5692 | 1 X2engine | 1 X2crm | 2025-04-11 | N/A |
| Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the file parameter to index.php/admin/translationManager. | ||||
| CVE-2011-4835 | 1 Homeseer | 1 Homeseer Hs2 | 2025-04-11 | N/A |
| Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors. | ||||
| CVE-2010-1466 | 1 Francois Raynaud | 1 Openurgence Vaccin | 2025-04-11 | N/A |
| Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter. | ||||
| CVE-2010-4719 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | ||||
| CVE-2010-1928 | 1 Openmairie | 1 Openplanning | 2025-04-11 | N/A |
| Directory traversal vulnerability in scr/soustab.php in openMairie openPlanning 1.00, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069. | ||||
| CVE-2012-2202 | 1 Ibm | 3 Lotus Protector For Mail Security, Proventia Network Mail Security System, Proventia Network Mail Security System Firmware | 2025-04-11 | N/A |
| Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2013-5219 | 1 Hot | 2 Hotbox Router, Hotbox Router Firmware | 2025-04-11 | N/A |
| Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd. | ||||
| CVE-2010-4769 | 2 Janguo, Joomla | 2 Com Jimtawl, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php. | ||||
| CVE-2013-2117 | 2 Jason A Donenfeld, Lars Hjemli | 2 Cgit, Cgit | 2025-04-11 | N/A |
| Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | ||||
| CVE-2013-5648 | 1 Id | 2 Id-software, Libdigidoc | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file. | ||||
| CVE-2010-1717 | 1 If Surfalert Project | 1 If Surfalert | 2025-04-11 | N/A |
| Directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-2259 | 2 Joomla, Tamlyncreative | 4 Joomla\!, Com Bfsurvey Basic, Com Bfsurvey Pro and 1 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2012-1712 | 1 Oracle | 1 Glassfish Web Space Server10.0 | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors. | ||||
| CVE-2013-1079 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 through 11.2 allows remote attackers to execute arbitrary local DLL files via a crafted web page that also calls the Initialize method. | ||||
| CVE-2010-1935 | 1 Openmairie | 1 Openpresse | 2025-04-11 | N/A |
| Directory traversal vulnerability in scr/soustab.php in openMairie Openpresse 1.01, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069. | ||||