Total
8534 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1060 | 1 Phpkobo | 1 Short Url | 2025-04-11 | N/A |
| Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. | ||||
| CVE-2011-0203 | 1 Apple | 1 Mac Os X Server | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing. | ||||
| CVE-2011-4715 | 1 Koha | 2 Koha, Liblime Koha | 2025-04-11 | N/A |
| Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 before 3.6.1, and LibLime Koha 4.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the KohaOpacLanguage cookie to cgi-bin/opac/opac-main.pl, related to Output.pm. | ||||
| CVE-2011-0329 | 1 Dell | 1 Dellsystemlite.scanner Activex Control | 2025-04-11 | N/A |
| Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter. | ||||
| CVE-2011-0345 | 1 Alcatel-lucent | 1 Omnivista | 2025-04-11 | N/A |
| Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable. | ||||
| CVE-2011-0405 | 1 Phpgedview | 1 Phpgedview | 2025-04-11 | N/A |
| Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the pgvaction parameter. | ||||
| CVE-2011-0426 | 1 Vmware | 2 Vcenter, Virtualcenter | 2025-04-11 | N/A |
| Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2011-0497 | 1 Sybase | 4 Appeon For Powerbuilder, Easerver, Replication Server and 1 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request. | ||||
| CVE-2011-0506 | 1 Tsixm | 1 Axdcms | 2025-04-11 | N/A |
| Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to execute arbitrary code via a .. (dot dot) in the aXconf[default_language] parameter. | ||||
| CVE-2010-1062 | 1 Phpkobo | 1 Free Real Estate Contact Form Script | 2025-04-11 | N/A |
| Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-2215 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request. | ||||
| CVE-2012-5185 | 1 Olivetoast | 1 Documents Pro File Viewer | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Olive Toast Documents Pro File Viewer (formerly Files HD) app before 1.11.1 for iOS allows remote attackers to read or delete files by leveraging guest access. | ||||
| CVE-2011-0698 | 2 Djangoproject, Microsoft | 2 Django, Windows | 2025-04-11 | N/A |
| Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays. | ||||
| CVE-2010-5086 | 1 Bitweaver | 1 Bitweaver | 2025-04-11 | N/A |
| Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the style parameter. | ||||
| CVE-2009-4815 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | ||||
| CVE-2010-0501 | 1 Apple | 1 Mac Os X Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames. | ||||
| CVE-2010-0287 | 1 Dokuwiki | 1 Dokuwiki | 2025-04-11 | N/A |
| Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter. | ||||
| CVE-2010-1115 | 1 Comscripts | 1 Web Server Creator Web Portal | 2025-04-11 | N/A |
| Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. | ||||
| CVE-2010-1110 | 1 Djayp | 1 Phpmysport | 2025-04-11 | N/A |
| Directory traversal vulnerability in index.php in phpMySport 1.4 allows remote attackers to list arbitrary directories via a .. (dot dot) in the current_folder parameter. | ||||
| CVE-2011-1359 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in the administration console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41, 7.0 before 7.0.0.19, and 8.0 before 8.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||