Search Results (9682 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-1969 1 Apps4u\@android 1 Sd Card Manager 2025-04-12 N/A
Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename.
CVE-2014-1843 1 Southrivertech 1 Titan Ftp Server 2025-04-12 N/A
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.
CVE-2014-1842 1 Southrivertech 1 Titan Ftp Server 2025-04-12 N/A
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.
CVE-2016-10106 1 Netgear 8 Fvs318gv2, Fvs318gv2 Firmware, Fvs318n and 5 more 2025-04-12 N/A
Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by reading the /etc/shadow file.
CVE-2015-1884 1 Ibm 2 Business Process Manager, Websphere 2025-04-12 N/A
Directory traversal vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2 through 7.2.0.5 allows remote authenticated users to read arbitrary files via a crafted internationalization-file URL.
CVE-2015-1550 1 Arubanetworks 1 Clearpass Policy Manager 2025-04-12 N/A
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote administrators to execute arbitrary files via unspecified vectors.
CVE-2014-1836 1 Impresscms 1 Impresscms 2025-04-12 N/A
Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the image_path parameter in a cancel action.
CVE-2016-10038 1 Modx 1 Modx Revolution 2025-04-12 N/A
Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove.
CVE-2016-10039 1 Modx 1 Modx Revolution 2025-04-12 7.3 High
Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles.
CVE-2014-3625 3 Pivotal Software, Redhat, Vmware 7 Spring Framework, Jboss Amq, Jboss Bpms and 4 more 2025-04-12 N/A
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.
CVE-2011-5310 1 Cherry-design 1 Wikipad 2025-04-12 N/A
Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
CVE-2014-0604 1 Attachmate 1 Reflection Ftp Client 2025-04-12 N/A
Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the StartLog method.
CVE-2014-0605 1 Attachmate 1 Reflection Ftp Client 2025-04-12 N/A
Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the SaveSettings method.
CVE-2016-4532 1 Trihedral 1 Vtscada 2025-04-12 N/A
Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to read arbitrary files via a crafted pathname.
CVE-2014-0632 1 Emc 1 Vplex Geosynchrony 2025-04-12 N/A
Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote authenticated users to execute arbitrary code via unspecified vectors.
CVE-2016-8343 1 Indasengineering 1 Web Scada 2025-04-12 N/A
Directory traversal vulnerability in INDAS Web SCADA before 3 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2014-9282 1 Speed Software 2 Explorer, Root Explorer 2025-04-12 N/A
Directory traversal vulnerability in the Speed Root Explorer application before 3.2 for Android and the Speed Explorer application before 2.2 for Android allows remote attackers to write to arbitrary files via a crafted filename.
CVE-2014-5197 1 Splunk 1 Splunk 2025-04-12 N/A
Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd HTTP Server in Splunk Enterprise 6.1.x before 6.1.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URI, related to search ids.
CVE-2014-100002 1 Zohocorp 1 Manageengine Supportcenter Plus 2025-04-12 N/A
Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the attach parameter to WorkOrder.do in the file attachment for a new ticket.
CVE-2014-100015 1 Solidworks 1 Product Data Management 2025-04-12 N/A
Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. (dot dot) in the filename in a file upload.