Total
8098 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1652 | 1 Helpcenterlive | 1 Hcl | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3456 | 1 Energyscripts | 1 Simple Download | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2012-4135 | 1 Cisco | 1 Nx-os | 2025-04-11 | 4.6 MEDIUM | N/A |
| Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275. | |||||
| CVE-2012-1089 | 1 Apache | 1 Wicket | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package. | |||||
| CVE-2013-7138 | 1 Horizon Quick Content Management System Project | 1 Horizon Quick Content Management System | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the start parameter. | |||||
| CVE-2010-1345 | 2 Cookex, Joomla | 2 Com Ckforms, Joomla\! | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-4798 | 1 Orangehrm | 1 Orangehrm | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter. | |||||
| CVE-2012-5100 | 1 Luizpicanco | 1 Hserver | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO. | |||||
| CVE-2011-3837 | 1 Wuzly | 1 Wuzly | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in blog_system/data_functions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the preview parameter to index.php. | |||||
| CVE-2009-5093 | 1 Php4scripte | 1 Gastebuch | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in gastbuch.php in Gästebuch (Gastebuch) 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the start parameter. | |||||
| CVE-2014-0803 | 2 Google, Yuichiro Okuyama | 3 Android, Tetra Filer, Tetra Filer Free | 2025-04-11 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the tetra filer application 2.3.1 and earlier for Android 4.0.3, tetra filer free application 2.3.1 and earlier for Android 4.0.3, tetra filer application 1.5.1 and earlier for Android before 4.0.3, and tetra filer free application 1.5.1 and earlier for Android before 4.0.3 allows attackers to overwrite or create arbitrary files via unspecified vectors. | |||||
| CVE-2010-3688 | 1 Netartmedia | 1 Websiteadmin | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA WebSiteAdmin allows remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the lng parameter. | |||||
| CVE-2012-1289 | 1 Sap | 1 Netweaver | 2025-04-11 | 4.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component. | |||||
| CVE-2010-1679 | 1 Debian | 1 Dpkg | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package. | |||||
| CVE-2012-5907 | 1 Tomatocart | 1 Tomatocart | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in json.php in TomatoCart 1.2.0 Alpha 2 and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter in a "3" action. | |||||
| CVE-2013-1156 | 1 Cisco | 1 Prime Central For Hosted Collaboration Solution | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCud51034. | |||||
| CVE-2010-2307 | 1 Motorola | 1 Surfboard Sbv6120e | 2025-04-11 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request. | |||||
| CVE-2010-2035 | 2 Joomla, Percha | 2 Joomla\!, Com Perchagallery | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-0348 | 1 C-3.co.jp | 1 Webcalenderc3 | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2011-1586 | 1 Kde | 1 Kde Sc | 2025-04-11 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000. | |||||