Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2836 | 1 Hiki | 1 Hiki | 2017-07-28 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename that is marked for deletion at logout. | |||||
| CVE-2007-0898 | 1 Clam Anti-virus | 1 Clamav | 2017-07-28 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message. | |||||
| CVE-2007-1042 | 1 Xpression News | 1 Xpression News | 2017-07-28 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-1076 | 1 Phptraffica | 1 Phptraffica | 2017-07-28 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php. | |||||
| CVE-2007-1773 | 1 Unverse.net | 1 Abitwhizzy | 2017-07-28 | 2.6 LOW | N/A |
| Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list arbitrary directories via a .. (dot dot) in the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php, different vectors than CVE-2006-6384. | |||||
| CVE-2003-1345 | 1 Follett Software | 1 Webcollection Plus | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter. | |||||
| CVE-2003-1349 | 1 Thomas Krebs | 1 Niteserver Ftpd | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 allows remote attackers to list arbitrary directories via a "\.." (backslash dot dot) in the CD (CWD) command. | |||||
| CVE-2003-1351 | 1 Greg Billock | 1 Edittag | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter. | |||||
| CVE-2003-1373 | 1 Phpbb Group | 1 Phpbb | 2017-07-28 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php. | |||||
| CVE-2003-1380 | 1 Bisonftp | 1 Bisonftp Server 4 | 2017-07-28 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command. | |||||
| CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2017-07-28 | 4.3 MEDIUM | N/A |
| parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | |||||
| CVE-2003-1414 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2017-07-28 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. | |||||
| CVE-2003-1430 | 3 Epic Games, Linux, Microsoft | 3 Unreal Engine, Linux Kernel, All Windows | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. | |||||
| CVE-2003-1427 | 1 Netgear | 1 Fm114p | 2017-07-28 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. | |||||
| CVE-2003-1465 | 1 Phorum | 1 Phorum | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in Phorum 3.4 through 3.4.2 allows remote attackers to read arbitrary files. | |||||
| CVE-2002-2233 | 1 Mollensoft Software | 1 Enceladus Server Suite | 2017-07-28 | 8.3 HIGH | N/A |
| Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbitrary directories and possibly cause a denial of service via "@" (at) characters in a CD (CWD) command, such as (1) "@/....\", (2) "@@@/..c:\", or (3) "@/..@/..". | |||||
| CVE-2002-2238 | 1 Kunani | 1 Kunani Odbc Ftp Server | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in a GET request. | |||||
| CVE-2003-1499 | 1 Bytehoard | 1 Bytehoard | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Bytehoard 0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the infolder parameter. | |||||
| CVE-2003-1501 | 1 Gast Arbeiter | 1 Gast Arbeiter | 2017-07-28 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the file upload CGI of Gast Arbeiter 1.3 allows remote attackers to write arbitrary files via a .. (dot dot) in the req_file parameter. | |||||
| CVE-2002-2240 | 1 Myserver | 1 Myserver | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request. | |||||