Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2643 | 1 Phpmyadmin | 1 Phpmyadmin | 2017-08-28 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter. | |||||
| CVE-2017-11587 | 1 Cisco | 2 Residential Gateway, Residential Gateway Firmware | 2017-08-26 | 5.0 MEDIUM | 7.5 HIGH |
| On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is directory traversal in the filename parameter to the /download.conf URI. | |||||
| CVE-2015-0781 | 1 Novell | 1 Zenworks Configuration Management | 2017-08-18 | 7.5 HIGH | 9.8 CRITICAL |
| Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecified vectors. | |||||
| CVE-2011-1359 | 1 Ibm | 1 Websphere Application Server | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the administration console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41, 7.0 before 7.0.0.19, and 8.0 before 8.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2011-1389 | 1 Ibm | 3 Rational License Key Server, Rational License Server, Telelogic License Server | 2017-08-16 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server (RLKS) 8.0 through 8.1.2 allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-4135. | |||||
| CVE-2011-1589 | 1 Mojolicious | 1 Mojolicious | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI. | |||||
| CVE-2011-1607 | 1 Cisco | 1 Unified Communications Manager | 2017-08-16 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603. | |||||
| CVE-2011-1688 | 1 Bestpractical | 1 Rt | 2017-08-16 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote attackers to read arbitrary files via a crafted HTTP request. | |||||
| CVE-2011-1669 | 2 Mikoviny, Wordpress | 2 Wp Custom Pages, Wordpress | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter. | |||||
| CVE-2011-1715 | 2 Eyeos, Qooxdoo | 2 Eyeos, Qooxdoo | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to read arbitrary files via ..%2f (encoded dot dot) sequences in the file parameter. | |||||
| CVE-2010-3606 | 1 Netartmedia | 1 Real Estate Portal | 2017-08-16 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters. | |||||
| CVE-2010-4107 | 1 Hp | 8 9000, Color Laserjet Mfp, Laserjet 4100 and 5 more | 2017-08-16 | 7.8 HIGH | N/A |
| The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers to read arbitrary files via a command inside a print job, as demonstrated by a directory traversal attack. | |||||
| CVE-2010-4148 | 1 Anyconnect | 1 Anyconnect | 2017-08-16 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. | |||||
| CVE-2010-4153 | 1 Crossftp | 1 Crossftp Pro | 2017-08-16 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. | |||||
| CVE-2010-4154 | 1 Rhinosoft | 1 Ftp Voyager | 2017-08-16 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. | |||||
| CVE-2010-4181 | 1 Yaws | 1 Yaws | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences. | |||||
| CVE-2010-4617 | 2 Joomla, Kanich | 2 Joomla\!, Com Jotloader | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. | |||||
| CVE-2010-4622 | 1 Ibm | 2 Aix, Tivoli Access Manager For E-business | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI. | |||||
| CVE-2010-4719 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2017-08-16 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | |||||
| CVE-2010-4798 | 1 Orangehrm | 1 Orangehrm | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter. | |||||