Search Results (9666 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2524 2 Gnome, Redhat 2 Libsoup, Enterprise Linux 2025-04-11 N/A
Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.
CVE-2012-1471 1 Ocportal 1 Ocportal 2025-04-11 N/A
Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2011-1715 2 Eyeos, Qooxdoo 2 Eyeos, Qooxdoo 2025-04-11 N/A
Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to read arbitrary files via ..%2f (encoded dot dot) sequences in the file parameter.
CVE-2010-4769 2 Janguo, Joomla 2 Com Jimtawl, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the task parameter to index.php.
CVE-2011-1589 1 Mojolicious 1 Mojolicious 2025-04-11 N/A
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
CVE-2012-1497 1 Movabletype 4 Movable Type Advanced, Movable Type Enterprise, Movable Type Open Source and 1 more 2025-04-11 N/A
The default configuration of Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 supports the "mt:Include file=" attribute, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files by leveraging the template-designer role.
CVE-2011-3837 1 Wuzly 1 Wuzly 2025-04-11 N/A
Directory traversal vulnerability in blog_system/data_functions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the preview parameter to index.php.
CVE-2013-5751 1 Sap 1 Netweaver 2025-04-11 N/A
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-3923 1 Savysoda 1 Wifi Free Hd 2025-04-11 N/A
Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request.
CVE-2013-3240 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type.
CVE-2013-2988 1 Ibm 1 Cognos Business Intelligence 2025-04-11 N/A
Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2978.
CVE-2013-2117 2 Jason A Donenfeld, Lars Hjemli 2 Cgit, Cgit 2025-04-11 N/A
Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
CVE-2013-2068 1 Redhat 2 Cloudforms, Cloudforms Management Engine 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.
CVE-2012-5931 1 Microfocus 1 Privileged User Manager 2025-04-11 N/A
Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.
CVE-2012-4959 1 Novell 1 File Reporter 2025-04-11 N/A
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
CVE-2012-4957 1 Novell 1 File Reporter 2025-04-11 N/A
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.
CVE-2012-3380 1 Wargio 1 Naxsi 2025-04-11 N/A
Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
CVE-2012-2435 1 Pligg 1 Pligg Cms 2025-04-11 N/A
Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the captcha parameter to module.php, as demonstrated by cross-site request forgery (CSRF) attacks.
CVE-2012-2421 2 Intuit, Microsoft 2 Quickbooks, Internet Explorer 2025-04-11 N/A
Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote attackers to read arbitrary files in ZIP archives via a full pathname in the URI.
CVE-2012-2202 1 Ibm 3 Lotus Protector For Mail Security, Proventia Network Mail Security System, Proventia Network Mail Security System Firmware 2025-04-11 N/A
Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.