Search Results (9653 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-6226 1 Ajaxplorer 1 Ajaxplorer 2025-04-11 N/A
Directory traversal vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to read or delete arbitrary files via unspecified vectors.
CVE-2013-4420 1 Feep 1 Libtar 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. (dot dot) in a crafted tar file.
CVE-2013-4315 2 Djangoproject, Redhat 2 Django, Openstack 2025-04-11 N/A
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_ROOTS setting followed by a .. (dot dot) in a ssi template tag.
CVE-2013-3923 1 Savysoda 1 Wifi Free Hd 2025-04-11 N/A
Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request.
CVE-2013-2988 1 Ibm 1 Cognos Business Intelligence 2025-04-11 N/A
Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2978.
CVE-2013-2981 1 Ibm 1 Data Studio 2025-04-11 N/A
Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-2979 1 Ibm 2 Infosphere Optim Performance Manager, Optim Performance Manager 2025-04-11 N/A
Directory traversal vulnerability in IBM Optim Performance Manager 4.1.1 and IBM InfoSphere Optim Performance Manager 5.x before 5.2 allows remote authenticated users to read arbitrary files via a crafted URL.
CVE-2013-2978 1 Ibm 1 Cognos Business Intelligence 2025-04-11 N/A
Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2988.
CVE-2013-2117 2 Jason A Donenfeld, Lars Hjemli 2 Cgit, Cgit 2025-04-11 N/A
Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
CVE-2013-2068 1 Redhat 2 Cloudforms, Cloudforms Management Engine 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.
CVE-2012-1712 1 Oracle 1 Glassfish Web Space Server10.0 2025-04-11 N/A
Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors.
CVE-2013-1627 2 Advantech, Indusoft 2 Advantech Studio, Web Studio 2025-04-11 N/A
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVE-2013-0831 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process.
CVE-2009-5093 1 Php4scripte 1 Gastebuch 2025-04-11 N/A
Directory traversal vulnerability in gastbuch.php in Gästebuch (Gastebuch) 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the start parameter.
CVE-2012-1918 1 Atmail 1 Atmail Open 2025-04-11 N/A
Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allow remote attackers to read arbitrary files via a .. (dot dot) in the Attachment[] parameter.
CVE-2013-0705 1 Lsi 1 3ware Disk Manager 2025-04-11 N/A
Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) before 2 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-0679 1 Siemens 2 Simatic Pcs7, Wincc 2025-04-11 N/A
Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname.
CVE-2012-2293 1 Emc 2 Rsa Archer Egrc, Rsa Archer Smartsuite 2025-04-11 N/A
Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path.
CVE-2012-5931 1 Microfocus 1 Privileged User Manager 2025-04-11 N/A
Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.
CVE-2013-5688 1 Ajaxplorer 1 Ajaxplorer 2025-04-11 N/A
Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the file parameter in a (1) download or (2) get_content action, or (3) upload arbitrary files via a ../%00 (dot dot backslash encoded null byte) in the dir parameter in an upload action.