Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4415 | 1 Phpgroupware | 1 Phpgroupware | 2017-08-16 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to addressbook/csv_import.php, or (2) include and execute arbitrary local files via the conv_type parameter in addressbook/inc/class.uiXport.inc.php. | |||||
| CVE-2009-4426 | 1 Launchpad | 1 Ignition | 2017-08-16 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php. | |||||
| CVE-2009-4435 | 1 Compmaster.prv.pl | 1 F3site | 2017-08-16 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php. | |||||
| CVE-2009-4512 | 1 Indymedia | 1 Oscailt | 2017-08-16 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Oscailt 3.3, when Use Friendly URL's is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the obj_id parameter. | |||||
| CVE-2009-4581 | 1 Roseonlinecms | 1 Roseonlinecms | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in modules/admincp.php in RoseOnlineCMS 3 B1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the admin parameter. | |||||
| CVE-2009-4645 | 1 Accellion | 1 Secure File Transfer Appliance | 2017-08-16 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter. | |||||
| CVE-2009-4816 | 1 Andy Stedemos | 1 The Uploader | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in api/download_checker.php in MegaLab The Uploader 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2009-4946 | 2 Joomla, Thetricky | 2 Joomla\!, Com Messaging | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter in a messages action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-0012 | 1 Transmissionbt | 1 Transmission | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file. | |||||
| CVE-2010-0146 | 1 Cisco | 1 Security Agent | 2017-08-16 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2010-0284 | 2 Microsoft, Novell | 2 Windows, Access Manager | 2017-08-16 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678. | |||||
| CVE-2010-0396 | 1 Debian | 1 Dpkg | 2017-08-16 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive. | |||||
| CVE-2009-0929 | 1 Nucleus Group | 1 Nucleus Cms | 2017-08-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the media manager in Nucleus CMS before 3.40 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2009-1558 | 1 Cisco | 1 Wvc54gca | 2017-08-16 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter. | |||||
| CVE-2009-1559 | 1 Cisco | 1 Wvc54gca | 2017-08-16 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a .. (dot dot) is probably also possible. | |||||
| CVE-2009-1730 | 1 Netmechanica | 1 Netdecision Tftp Server | 2017-08-16 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command. | |||||
| CVE-2009-1737 | 1 Diqiye | 1 Mypic | 2017-08-16 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in bom.php in MyPic 2.1 allows remote attackers to list files in arbitrary directories via a .. (dot dot) in the dir parameter. | |||||
| CVE-2009-2047 | 1 Cisco | 6 Crs, Customer Response Applications, Ip Qm and 3 more | 2017-08-16 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified vectors. | |||||
| CVE-2009-2007 | 1 Dokeos | 1 Dokeos | 2017-08-16 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to (1) read portions of arbitrary files via a .. (dot dot) and a ..\ (dot dot backslash) in the lang parameter to main/exercice/hotspot_lang_conversion.php and (2) read arbitrary files via a .. (dot dot) in the doc_url parameter to main/exercice/Hpdownload.php. | |||||
| CVE-2009-2444 | 1 Adbnewssender | 1 Adbnewssender | 2017-08-16 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php. | |||||