Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1973 | 1 Nextapp | 1 File Explorer | 2015-08-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | |||||
| CVE-2014-1975 | 1 R-company | 1 Unzipper | 2015-07-30 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the R-Company Unzipper application 1.0.1 and earlier for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | |||||
| CVE-2014-5319 | 1 S-link | 1 Slfilemanager | 2015-07-29 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the S-Link SLFileManager application 1.2.5 and earlier for Android allows remote attackers to write to files via unspecified vectors. | |||||
| CVE-2014-2314 | 2 Atlassian, Microsoft | 2 Jira, Windows | 2015-07-29 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers to create arbitrary files via unspecified vectors. | |||||
| CVE-2014-1843 | 1 Southrivertech | 1 Titan Ftp Server | 2015-07-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter. | |||||
| CVE-2014-1842 | 1 Southrivertech | 1 Titan Ftp Server | 2015-07-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value. | |||||
| CVE-2014-1841 | 1 Southrivertech | 1 Titan Ftp Server | 2015-07-29 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter. | |||||
| CVE-2013-6177 | 1 Emc | 1 Document Sciences Xpression | 2015-07-22 | 3.5 LOW | N/A |
| Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary files by leveraging xDashboard access. | |||||
| CVE-2015-2970 | 1 Lemon-s Php | 1 Simple Oekaki | 2015-07-13 | 6.4 MEDIUM | N/A |
| index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis parameter. | |||||
| CVE-2014-1836 | 1 Impresscms | 1 Impresscms | 2015-07-02 | 6.4 MEDIUM | N/A |
| Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the image_path parameter in a cancel action. | |||||
| CVE-2014-9734 | 1 Themepunch | 1 Slider Revolution | 2015-07-01 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. | |||||
| CVE-2015-2966 | 1 Droidwareuk | 1 Explorer\+ File Manager | 2015-07-01 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the Droidware UK Explorer+ File Manager application before 2.3.3 for Android allows remote attackers to write to arbitrary files via unspecified vectors. | |||||
| CVE-2015-3337 | 1 Elasticsearch | 1 Elasticsearch | 2015-06-25 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2014-8606 | 1 Xcloner | 1 Xcloner | 2015-06-11 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to read arbitrary files via a .. (dot dot) in the file parameter in a json_return action in the xcloner_show page to wp-admin/admin-ajax.php. | |||||
| CVE-2014-6222 | 1 Ibm | 1 Marketing Operations | 2015-06-08 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2010-5323 | 1 Novell | 1 Zenworks Configuration Management | 2015-06-08 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a crafted WAR pathname in the filename parameter in conjunction with WAR content in the POST data, a different vulnerability than CVE-2010-5324. | |||||
| CVE-2015-1550 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2015-05-29 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote administrators to execute arbitrary files via unspecified vectors. | |||||
| CVE-2015-0171 | 1 Ibm | 1 Security Siteprotector System | 2015-05-26 | 5.5 MEDIUM | N/A |
| Directory traversal vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to write to arbitrary files via unspecified vectors. | |||||
| CVE-2015-1398 | 1 Magento | 1 Magento | 2015-05-12 | 6.5 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via (1) .. (dot dot) sequences in the PATH_INFO to index.php or (2) vectors involving a block value in the ___directive parameter to the Cms_Wysiwyg controller in the Adminhtml module, related to the blockDirective function and the auto loading mechanism. NOTE: vector 2 might not cross privilege boundaries, since administrators might already have the privileges to execute code and upload files. | |||||
| CVE-2015-0911 | 1 Dounokouno | 1 Transmitmail | 2015-04-24 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling. | |||||