Total
7636 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2902 | 2 Apache, Redhat | 5 Tomcat, Certificate System, Enterprise Linux and 2 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename. | ||||
| CVE-2011-1099 | 1 Focalmedia.net | 1 Quick Polls | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p parameter in a delete action to index.php. | ||||
| CVE-2011-0966 | 1 Cisco | 1 Ciscoworks Common Services | 2025-04-11 | N/A |
| Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577. | ||||
| CVE-2010-1309 | 1 Ermenegildo Fiorito | 1 Irmin Cms | 2025-04-11 | N/A |
| Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attackers to read arbitrary files via a .. (dot dot) in the w parameter to index.php. | ||||
| CVE-2011-0751 | 1 Nazgul | 1 Nostromo | 2025-04-11 | N/A |
| Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI. | ||||
| CVE-2013-5107 | 1 Rockmongo | 1 Rockmongo | 2025-04-11 | N/A |
| Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ROCK_LANG cookie, as demonstrated in a login.index action to index.php. | ||||
| CVE-2011-0725 | 2 Canonical, Sebastian Heinlein | 2 Ubuntu Linux, Aptdaemon | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface. | ||||
| CVE-2011-0698 | 2 Djangoproject, Microsoft | 2 Django, Windows | 2025-04-11 | N/A |
| Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays. | ||||
| CVE-2010-1305 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Jinventory | 2025-04-11 | N/A |
| Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2013-6000 | 1 Tattyan | 1 Tattyan Hptown | 2025-04-11 | N/A |
| Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 allows remote attackers to read arbitrary files via a .. (dot dot) in a request. | ||||
| CVE-2011-0518 | 1 Lotuscms | 1 Fraise | 2025-04-11 | N/A |
| Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php. | ||||
| CVE-2011-0506 | 1 Tsixm | 1 Axdcms | 2025-04-11 | N/A |
| Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to execute arbitrary code via a .. (dot dot) in the aXconf[default_language] parameter. | ||||
| CVE-2011-0505 | 1 Remi Jean | 1 Zwii | 2025-04-11 | N/A |
| Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the set[template][value] parameter. | ||||
| CVE-2011-0497 | 1 Sybase | 4 Appeon For Powerbuilder, Easerver, Replication Server and 1 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request. | ||||
| CVE-2011-1736 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | N/A |
| Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message. | ||||
| CVE-2014-0809 | 1 Gapless Player | 1 Simzip | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Gapless Player SimZip (aka Simple Zip Viewer) application before 1.2.1 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | ||||
| CVE-2009-4896 | 1 Mlmmj | 1 Mlmmj | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. (dot dot) in a list name in a (1) edit or (2) save action. | ||||
| CVE-2011-0426 | 1 Vmware | 2 Vcenter, Virtualcenter | 2025-04-11 | N/A |
| Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2011-3500 | 1 Cogentdatahub | 1 Cogent Datahub | 2025-04-11 | N/A |
| Directory traversal vulnerability in the web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request. | ||||
| CVE-2011-0345 | 1 Alcatel-lucent | 1 Omnivista | 2025-04-11 | N/A |
| Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP GET requests, related to the lang variable. | ||||