Total
6174 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4640 | 1 Spamtitan | 1 Webtitan | 2012-10-08 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the fname parameter in a view action. | |||||
| CVE-2012-1471 | 1 Ocportal | 1 Ocportal | 2012-10-02 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2011-4450 | 1 Wikkawiki | 1 Wikkawiki | 2012-09-13 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial .. (dot dot) in the file parameter, as demonstrated by the /../../wikka.config.php pathname in a download action. | |||||
| CVE-2012-1467 | 1 Pkp | 1 Open Journal Systems | 2012-09-13 | 6.5 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a .. (dot dot) in the param parameter to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php. | |||||
| CVE-2012-4867 | 1 Vtiger | 1 Vtiger Crm | 2012-09-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the module_name parameter. | |||||
| CVE-2012-2968 | 1 Caucho | 1 Resin | 2012-09-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request. | |||||
| CVE-2011-4948 | 1 Egroupware | 2 Egroupware, Egroupware Enterprise Line | 2012-09-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in the type parameter. | |||||
| CVE-2012-1917 | 1 Atmail | 1 Atmail Open | 2012-08-29 | 5.0 MEDIUM | N/A |
| compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ (dot dot slash) sequences in the unique parameter, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ..././ (dot dot dot slash dot slash) sequence. | |||||
| CVE-2011-5127 | 2 Bluecoat, Microsoft | 2 Reporter, Windows | 2012-08-27 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request. | |||||
| CVE-2012-4356 | 1 Sielcosistemi | 2 Winlog Lite, Winlog Pro | 2012-08-20 | 4.3 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98. | |||||
| CVE-2012-3360 | 1 Openstack | 2 Essex, Folsom | 2012-08-17 | 5.5 MEDIUM | N/A |
| Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute of a file element. | |||||
| CVE-2011-2657 | 1 Novell | 1 Zenworks Configuration Management | 2012-07-27 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument. | |||||
| CVE-2012-2560 | 1 Wellintech | 1 Kingview | 2012-07-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WellinTech KingView 6.53 allows remote attackers to read arbitrary files via a crafted HTTP request to port 8001. | |||||
| CVE-2010-0933 | 1 Perforce | 1 Perforce Server | 2012-06-15 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (dot dot) in the argument to the "p4 add" command. | |||||
| CVE-2012-2597 | 1 Siemens | 1 Wincc | 2012-06-12 | 4.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. | |||||
| CVE-2012-2435 | 1 Pligg | 1 Pligg Cms | 2012-05-29 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the captcha parameter to module.php, as demonstrated by cross-site request forgery (CSRF) attacks. | |||||
| CVE-2011-1566 | 1 7t | 1 Igss | 2012-05-12 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397. | |||||
| CVE-2011-2468 | 1 Anymacro | 1 Anymacro Mail System | 2012-04-25 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web interface in AnyMacro Mail System G4X allows remote attackers to read arbitrary files via directory traversal sequences in a request. | |||||
| CVE-2011-4880 | 1 Atvise | 1 Webmi2ads | 2012-04-13 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request. | |||||
| CVE-2010-5086 | 1 Bitweaver | 1 Bitweaver | 2012-03-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the style parameter. | |||||