Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4031 | 1 Wangkongbao | 2 Cns-1000, Cns-1100 | 2017-08-29 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid cookie to port 85. | |||||
| CVE-2012-3588 | 1 Wordpress | 2 Plugin Newsletter Plugin, Wordpress | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter. | |||||
| CVE-2012-3324 | 2 Ibm, Microsoft | 8 Db2, Db2 Connect, Windows 2000 and 5 more | 2017-08-29 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field. | |||||
| CVE-2012-3305 | 1 Ibm | 1 Websphere Application Server | 2017-08-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file. | |||||
| CVE-2012-2919 | 1 Chevereto | 1 Chevereto | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Upload/engine.php in Chevereto 1.9.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the v parameter. | |||||
| CVE-2012-2227 | 1 Pluxml | 1 Pluxml | 2017-08-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter. | |||||
| CVE-2012-2215 | 1 Novell | 1 Zenworks Configuration Management | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request. | |||||
| CVE-2012-2208 | 1 Piwigo | 1 Piwigo | 2017-08-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||||
| CVE-2012-2181 | 1 Ibm | 1 Websphere Portal | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL. | |||||
| CVE-2012-1617 | 1 Juan Ramon | 1 Osclass | 2017-08-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files. | |||||
| CVE-2012-1289 | 1 Sap | 1 Netweaver | 2017-08-29 | 4.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component. | |||||
| CVE-2012-1221 | 1 Rabidhamster | 2 R2\/, R2\/extreme | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the telnet server in RabidHamster R2/Extreme 1.65 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the File command. | |||||
| CVE-2012-1207 | 1 Fork-cms | 1 Fork Cms | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in frontend/core/engine/javascript.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter to frontend/js.php. | |||||
| CVE-2012-1196 | 1 Landesk | 1 Lenovo Thinkmanagement Console | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. (dot dot) in the filename parameter in a SetTaskLogByFile SOAP request. | |||||
| CVE-2012-1112 | 1 Open-realty | 1 Open-realty | 2017-08-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the select_users_template parameter to index.php. | |||||
| CVE-2012-1024 | 1 Dream-multimedia-tv | 1 Enigma2 Webinterface | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2012-0991 | 1 Openemr | 1 Openemr | 2017-08-29 | 3.5 LOW | N/A |
| Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter. | |||||
| CVE-2012-0981 | 1 Kybernetika | 1 Phpshowtime | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php. NOTE: Some of these details are obtained from third party information. | |||||
| CVE-2012-0907 | 1 Neoaxis | 1 Neoaxis Web Player | 2017-08-29 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and earlier allows user-assisted remote attackers to write arbitrary files via a .. (dot dot) in a filename in the neoaxis_web_application_win32.zip ZIP archive. | |||||
| CVE-2012-0898 | 2 Camaleo, Wordpress | 2 Myeasybackup, Wordpress | 2017-08-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dwn_file parameter. | |||||