Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-10037 | 1 Domphp | 1 Domphp | 2017-09-07 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. (dot dot) in the url parameter to photoalbum/index.php. | |||||
| CVE-2014-5368 | 1 Wp Content Source Control Project | 1 Wp Content Source Control | 2017-09-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter. | |||||
| CVE-2014-6394 | 3 Apple, Fedoraproject, Joyent | 3 Xcode, Fedora, Node.js | 2017-09-07 | 7.5 HIGH | N/A |
| visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory. | |||||
| CVE-2014-6095 | 1 Ibm | 1 Security Identity Manager | 2017-09-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2014-6149 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2017-09-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2014-6154 | 3 Ibm, Linux, Microsoft | 3 Optim Performance Manager, Linux Kernel, Windows | 2017-09-07 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2014-6155 | 1 Ibm | 1 Websphere Service Registry And Repository | 2017-09-07 | 4.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the ServiceRegistry UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allow remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2014-6158 | 1 Ibm | 2 Pureapplication System, Workload Deployer | 2017-09-07 | 9.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in the file-upload feature in IBM PureApplication System 1.0 before 1.0.0.4 iFix 10, 1.1 before 1.1.0.5, and 2.0 before 2.0.0.1 and Workload Deployer 3.1.0.7 before IF5 allow remote authenticated users to execute arbitrary code via a (1) Script Package, (2) Add-On, or (3) Emergency Fixes component. | |||||
| CVE-2014-6182 | 1 Ibm | 1 Business Process Manager | 2017-09-07 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in an export function in the Process Center in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3 and 8.5.x through 8.5.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2014-6194 | 1 Ibm | 12 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 9 more | 2017-09-07 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in an unspecified web form in IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX007, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to read arbitrary files via a .. (dot dot) in a pathname. | |||||
| CVE-2014-8727 | 1 F5 | 1 Big-ip Local Traffic Manager | 2017-09-07 | 6.2 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tmui/system/archive/properties.jsp or (2) tmui/Control/form. | |||||
| CVE-2014-9119 | 1 Db Backup Project | 1 Db Backup | 2017-09-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and earlier for Wordpress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2014-9452 | 1 Vdgsecurity | 1 Vdg Sense | 2017-09-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in VDG Security SENSE (formerly DIVA) 2.3.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI to images/. | |||||
| CVE-2014-9436 | 1 Sysaid | 1 Sysaid | 2017-09-07 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile. | |||||
| CVE-2014-9574 | 1 Fluxbb | 1 Fluxbb | 2017-09-07 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang parameter. | |||||
| CVE-2015-1589 | 1 Archmage Project | 1 Archmage | 2017-09-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in arCHMage 0.2.4 allows remote attackers to write to arbitrary files via a .. (dot dot) in a CHM file. | |||||
| CVE-2015-1198 | 1 Linux-ha | 1 Ha | 2017-09-06 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5. | |||||
| CVE-2015-1876 | 1 Estrongs | 1 Es File Explorer | 2017-09-06 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in ES File Explorer 3.2.4.1. | |||||
| CVE-2014-8163 | 1 Redhat | 1 Satellite | 2017-09-05 | 5.5 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5. | |||||
| CVE-2015-1199 | 1 Ppmd Project | 1 Ppmd | 2017-09-05 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in ppmd 10.1-5. | |||||