Export limit exceeded: 365171 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (9648 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2425 1 Southrivertech 1 Titan Ftp Server 2025-04-11 N/A
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
CVE-2010-0533 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors.
CVE-2010-0613 1 Arwscripts 1 Fonts Script 2025-04-11 N/A
Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers to read arbitrary local files via directory traversal sequences in a base64-encoded f parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-2322 2 Matthias Klose, Redhat 2 Fastjar, Enterprise Linux 2025-04-11 N/A
Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.
CVE-2010-4153 1 Crossftp 1 Crossftp Pro 2025-04-11 N/A
Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2010-4154 1 Rhinosoft 1 Ftp Voyager 2025-04-11 N/A
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2010-0831 2 Matthias Klose, Redhat 2 Fastjar, Enterprise Linux 2025-04-11 N/A
Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.
CVE-2013-0136 1 Mutiny 3 Mutiny, Mutiny Appliance, Mutiny Virtual Appliance 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow remote authenticated users to upload and execute arbitrary programs, read arbitrary files, or cause a denial of service (file deletion or renaming) via (1) the uploadPath parameter in an UPLOAD operation; the paths[] parameter in a (2) DELETE, (3) CUT, or (4) COPY operation; or the newPath parameter in a (5) CUT or (6) COPY operation.
CVE-2011-4717 1 Zftpserver 1 Zftpserver Suite 2025-04-11 N/A
Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.
CVE-2010-2018 1 Bukulokomedia 1 Lokomedia Cms 2025-04-11 N/A
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2010-2122 2 Joelrowley, Joomla 2 Com Simpledownload, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2013-7300 1 Craig Drummond 1 Cantata 2025-04-11 N/A
Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301.
CVE-2010-2112 1 Intervations 1 Filecopa 2025-04-11 N/A
Directory traversal vulnerability in the FTP service in FileCOPA before 5.03 allows remote attackers to read or overwrite arbitrary files via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-4181 1 Yaws 1 Yaws 2025-04-11 N/A
Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
CVE-2010-0957 1 Saskia Bruckner 1 Saskias Shopsystem 2025-04-11 N/A
Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter.
CVE-2010-0958 1 Thomas Perez 1 Tribisur 2025-04-11 N/A
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-4231 2 Camtron, Tecvoz 4 Cmnc-200, Cmnc-200 Firmware, Cmnc-200 and 1 more 2025-04-11 N/A
Directory traversal vulnerability in the web-based administration interface on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
CVE-2010-0967 1 Geekhelps 1 Admp 2025-04-11 N/A
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-green/footer.php, (3) default-orange/footer.php, and (4) default/footer.php in themes/. NOTE: some of these details are obtained from third party information.
CVE-2009-4740 1 Typo3 2 Typo3, Ws Ecard 2025-04-11 N/A
Directory traversal vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 has unspecified impact and remote attack vectors.
CVE-2012-1918 1 Atmail 1 Atmail Open 2025-04-11 N/A
Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allow remote attackers to read arbitrary files via a .. (dot dot) in the Attachment[] parameter.