Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14514 | 1 Tenda | 2 W15e, W15e Firmware | 2017-09-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL. | |||||
| CVE-2015-1490 | 1 Symantec | 1 Endpoint Protection Manager | 2017-09-20 | 5.5 MEDIUM | N/A |
| Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package. | |||||
| CVE-2013-2900 | 3 Debian, Google, Microsoft | 3 Debian Linux, Chrome, Windows | 2017-09-18 | 7.5 HIGH | N/A |
| The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. | |||||
| CVE-2012-5978 | 1 Vmware | 1 View | 2017-09-18 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2013-0911 | 1 Google | 1 Chrome | 2017-09-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases. | |||||
| CVE-2011-0071 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Seamonkey and 1 more | 2017-09-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL. | |||||
| CVE-2010-1391 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-18 | 4.3 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involving a (1) %2f and .. (dot dot) or (2) %5c and .. (dot dot) in a URL. | |||||
| CVE-2009-4683 | 1 Scriptsez | 1 Good\/bad Vote | 2017-09-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4626 | 1 Phpnagios | 1 Phpnagios | 2017-09-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in menu.php in phpNagios 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the conf[lang] parameter. | |||||
| CVE-2009-4627 | 1 Dan Brown | 1 Moa Gallery | 2017-09-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in sources/_template_parser.php in Moa Gallery 1.2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the p_filename parameter, a different issue than CVE-2009-4614. | |||||
| CVE-2009-4665 | 1 Cutesoft Components | 1 Cute Editor For Asp.net | 2017-09-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2009-4672 | 2 Grupenet, Wordpress | 2 Wp-lytebox, Wordpress | 2017-09-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in main.php in the WP-Lytebox plugin 1.3 for WordPress allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pg parameter. | |||||
| CVE-2009-4700 | 1 Skadate | 1 Skadate Online Dating Software | 2017-09-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in SkaDate Dating allows remote attackers to read arbitrary files via a .. (dot dot) in the layout parameter. | |||||
| CVE-2009-4723 | 1 Netpet | 1 Netpet Cms | 2017-09-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||||
| CVE-2009-4725 | 1 Arabportal | 1 Arab Portal | 2017-09-18 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | |||||
| CVE-2009-4726 | 1 Olivier Michaud Pierre-yves | 1 Quickdev4php | 2017-09-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2009-4800 | 1 Sysax | 1 Multi Server | 2017-09-18 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command. | |||||
| CVE-2009-4809 | 1 Sharing-file | 1 Easy File Sharing Web Server | 2017-09-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in thumbnail.ghp in Easy File Sharing (EFS) Web Server 4.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the vfolder parameter. | |||||
| CVE-2009-4957 | 1 Interspire | 1 Activekb | 2017-09-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in loadpanel.php in Interspire ActiveKB allows remote attackers to read arbitrary files and possibly have unspecified other impact via directory traversal sequences in the Panel parameter. | |||||
| CVE-2009-4960 | 1 Lanai-core | 1 Lanai-core | 2017-09-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in modules/backup/download.php in Lanai Core 0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |||||