Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0679 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2013-03-22 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname. | |||||
| CVE-2013-0671 | 1 Siemens | 1 Wincc Tia Portal | 2013-03-22 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL. | |||||
| CVE-2013-0332 | 1 Zoneminder | 1 Zoneminder | 2013-03-21 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter. | |||||
| CVE-2013-2560 | 1 Foscam | 1 Fi8919w | 2013-03-20 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials. | |||||
| CVE-2013-1469 | 1 Piwigo | 1 Piwigo | 2013-03-19 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter. | |||||
| CVE-2013-1627 | 2 Advantech, Indusoft | 2 Advantech Studio, Web Studio | 2013-03-18 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function. | |||||
| CVE-2013-1081 | 1 Novell | 1 Zenworks Mobile Management | 2013-03-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter. | |||||
| CVE-2012-3011 | 1 Fultek | 1 Wintr Scada | 2013-03-02 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request. | |||||
| CVE-2012-4940 | 1 Gecad | 1 Axigen Free Mail Server | 2013-02-26 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI. | |||||
| CVE-2013-0705 | 1 Lsi | 1 3ware Disk Manager | 2013-02-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) before 2 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2012-2293 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2013-02-07 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path. | |||||
| CVE-2012-5051 | 1 Vmware | 1 Capacityiq | 2013-02-02 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2012-1671 | 1 Nicolas Tormo | 1 Phppaleo | 2013-01-31 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2012-5344 | 1 Kepler Lam | 1 Iptools | 2013-01-30 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the WebServer (Thttpd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a HTTP request. | |||||
| CVE-2012-5185 | 1 Olivetoast | 1 Documents Pro File Viewer | 2013-01-29 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Olive Toast Documents Pro File Viewer (formerly Files HD) app before 1.11.1 for iOS allows remote attackers to read or delete files by leveraging guest access. | |||||
| CVE-2013-0653 | 1 Ge | 3 Intelligent Platforms Proficy Hmi\/scada Cimplicity, Intelligent Platforms Proficy Process Systems, Intelligent Platforms Proficy Process Systems With Cimplicity | 2013-01-29 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet. | |||||
| CVE-2012-6276 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2013-01-28 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter. | |||||
| CVE-2012-6500 | 1 Pragyan Cms Project | 1 Pragyan Cms | 2013-01-23 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to index.php. | |||||
| CVE-2012-5972 | 1 Specview | 1 Specview | 2013-01-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI. | |||||
| CVE-2012-6495 | 1 Moinmo | 1 Moinmoin | 2013-01-07 | 6.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged with CVE-2012-6081 to execute arbitrary code. | |||||