Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6080 | 1 Moinmo | 1 Moinmoin | 2013-01-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the _do_attachment_move function in the AttachFile action (action/AttachFile.py) in MoinMoin 1.9.3 through 1.9.5 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a file name. | |||||
| CVE-2012-4616 | 1 Emc | 1 Data Protection Advisor | 2012-12-27 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2012-1712 | 1 Oracle | 1 Glassfish Web Space Server10.0 | 2012-12-21 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors. | |||||
| CVE-2012-5969 | 1 Huawei | 2 E585, E585u-82 | 2012-12-19 | 4.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi. | |||||
| CVE-2012-4991 | 1 Axway | 1 Securetransport | 2012-12-13 | 8.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a ..%5C (encoded dot dot backslash) in a URI. | |||||
| CVE-2011-4788 | 1 Hp | 3 Storageworks P2000 G3 Msa Fc\/iscsi Dual Combo Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Sff Array System | 2012-11-28 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI. | |||||
| CVE-2010-5286 | 2 Joobi, Joomla | 2 Com Jstore, Joomla\! | 2012-11-27 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2008-3071 | 1 Mybb | 1 Mybb | 2012-11-27 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable. | |||||
| CVE-2012-4959 | 1 Novell | 1 File Reporter | 2012-11-19 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record. | |||||
| CVE-2012-4958 | 1 Novell | 1 File Reporter | 2012-11-19 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record. | |||||
| CVE-2012-4957 | 1 Novell | 1 File Reporter | 2012-11-19 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record. | |||||
| CVE-2010-2452 | 1 Kvirc | 1 Kvirc | 2012-11-06 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors. | |||||
| CVE-2012-0232 | 1 Ge | 1 Intelligent Platforms Proficy Real-time Information Portal | 2012-11-01 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6, 3.0, 3.0 SP1, and 3.5 allows remote attackers to modify the configuration via crafted strings. | |||||
| CVE-2007-5831 | 1 Ssl-explorer | 1 Ssl-explorer | 2012-10-31 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in fileSystem.do in SSL-Explorer before 0.2.14 allows remote attackers to access arbitrary files via directory traversal sequences in the path parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-0294 | 1 Symantec | 1 Endpoint Protection | 2012-10-30 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors. | |||||
| CVE-2007-6672 | 1 Mortbay Jetty | 1 Jetty | 2012-10-30 | 5.0 MEDIUM | N/A |
| Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI. | |||||
| CVE-2007-5684 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2012-10-24 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in (1) error_handler_file and (2) local_php parameters to (a) tiki-index.php, or (3) encoded "..%2F" sequences in the imp_language parameter to tiki-imexport_languages.php. | |||||
| CVE-2009-1523 | 1 Mortbay | 1 Jetty | 2012-10-23 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI. | |||||
| CVE-2012-5386 | 1 Nicolas Tormo | 1 Phppaleo | 2012-10-22 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in phpPaleo 4.8b180 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the phppaleo4_lang cookie, a different vulnerability than CVE-2012-1671. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-5208 | 2 Backwpup, Wordpress | 2 Backwpup, Wordpress | 2012-10-09 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the BackWPup plugin before 1.4.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the wpabs parameter to (1) app/options-view_log-iframe.php or (2) app/options-runnow-iframe.php. | |||||