Total
7458 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-0598 | 1 Novell | 1 Open Enterprise Server | 2025-04-12 | N/A |
| Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors. | ||||
| CVE-2015-5149 | 1 Zohocorp | 1 Manageengine Supportcenter Plus | 2025-04-12 | N/A |
| Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. (dot dot) in the component parameter in the Request component to workorder/Attachment.jsp. | ||||
| CVE-2013-2085 | 1 Owncloud | 1 Owncloud | 2025-04-12 | N/A |
| Directory traversal vulnerability in apps/files_trashbin/index.php in ownCloud Server before 5.0.6 allows remote authenticated users to access arbitrary files via a .. (dot dot) in the dir parameter. | ||||
| CVE-2015-1589 | 1 Archmage Project | 1 Archmage | 2025-04-12 | N/A |
| Directory traversal vulnerability in arCHMage 0.2.4 allows remote attackers to write to arbitrary files via a .. (dot dot) in a CHM file. | ||||
| CVE-2014-6035 | 1 Zohocorp | 1 Manageengine Opmanager | 2025-04-12 | N/A |
| Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and earlier allows remote attackers to write and execute arbitrary files via a .. (dot dot) in the FILENAME parameter. | ||||
| CVE-2013-1806 | 1 Php-fusion | 1 Php-fusion | 2025-04-12 | N/A |
| Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable parameter to administration/user_fields.php or (3) file parameter to administration/db_backup.php. | ||||
| CVE-2013-3993 | 1 Ibm | 1 Infosphere Biginsights | 2025-04-12 | 6.5 Medium |
| IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified API calls. | ||||
| CVE-2013-1641 | 1 Quixplorer | 1 Quixplorer | 2025-04-12 | N/A |
| Directory traversal vulnerability in the zip download functionality in QuiXplorer before 2.5.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the selitems[] parameter in a download_selected action to index.php. | ||||
| CVE-2014-9155 | 1 Avatar Uploader Project | 1 Avatar Uploader | 2025-04-12 | N/A |
| Directory traversal vulnerability in the Avatar Uploader module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.0-beta6 for Drupal allows remote authenticated users to read arbitrary files via a .. (dot dot) in the path of a cropped picture in the uploader panel. | ||||
| CVE-2013-2039 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-12 | N/A |
| Directory traversal vulnerability in lib/files/view.php in ownCloud before 4.0.15, 4.5.x 4.5.11, and 5.x before 5.0.6 allows remote authenticated users to access arbitrary files via unspecified vectors. | ||||
| CVE-2015-1490 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
| Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package. | ||||
| CVE-2013-1604 | 1 Maygion | 1 Ip Camera Firmware | 2025-04-12 | N/A |
| Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI. | ||||
| CVE-2014-0605 | 1 Attachmate | 1 Reflection Ftp Client | 2025-04-12 | N/A |
| Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the SaveSettings method. | ||||
| CVE-2015-4694 | 1 Zip Attachments Project | 1 Zip Attachments | 2025-04-12 | N/A |
| Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the za_file parameter. | ||||
| CVE-2015-2067 | 1 Magmi Project | 1 Magmi | 2025-04-12 | N/A |
| Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2014-1975 | 1 R-company | 1 Unzipper | 2025-04-12 | N/A |
| Directory traversal vulnerability in the R-Company Unzipper application 1.0.1 and earlier for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | ||||
| CVE-2015-1003 | 1 Ininet Solutions | 1 Scada Web Server | 2025-04-12 | N/A |
| Directory traversal vulnerability in IniNet embeddedWebServer (aka eWebServer) before 2.02 allows remote attackers to read arbitrary files via a crafted pathname. | ||||
| CVE-2014-1973 | 1 Nextapp | 1 File Explorer | 2025-04-12 | N/A |
| Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | ||||
| CVE-2015-7006 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-12 | N/A |
| Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive. | ||||
| CVE-2015-4546 | 1 Emc | 2 Rsa Certificate Manager, Rsa Onestep | 2025-04-12 | N/A |
| Directory traversal vulnerability in EMC RSA OneStep 6.9 before build 559, as used in RSA Certificate Manager and RSA Registration Manager through 6.9 build 558 and other products, allows remote attackers to read arbitrary files via a crafted KCSOSC_ERROR_PAGE parameter. | ||||