Filtered by CWE-22
Total 9457 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-1430 3 Epic Games, Linux, Microsoft 3 Unreal Engine, Linux Kernel, All Windows 2026-04-16 N/A
Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL.
CVE-2004-2745 1 Anteco Visual Technologies 1 Ownserver 2026-04-16 N/A
Directory traversal vulnerability in Anteco Visual Technologies OwnServer 1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.
CVE-2003-1345 1 Follett Software 1 Webcollection Plus 2026-04-16 N/A
Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter.
CVE-2002-2240 1 Myserver 1 Myserver 2026-04-16 N/A
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request.
CVE-2005-1813 1 Futuresoft 1 Tftp Server 2000 2026-04-16 N/A
Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences.
CVE-2002-2416 1 Zeroo 1 Http Server 2026-04-16 N/A
Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request.
CVE-2002-2403 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences.
CVE-2002-2375 1 Stalker 1 Communigate Pro 2026-04-16 N/A
Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information.
CVE-2002-2269 1 Webster 1 Webster Http Server 2026-04-16 N/A
Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2002-2233 1 Mollensoft Software 1 Enceladus Server Suite 2026-04-16 N/A
Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbitrary directories and possibly cause a denial of service via "@" (at) characters in a CD (CWD) command, such as (1) "@/....\", (2) "@@@/..c:\", or (3) "@/..@/..".
CVE-2001-0780 1 Cosmicperl 1 Directory Pro 2026-04-16 N/A
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.
CVE-2004-2686 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure.
CVE-2005-4600 1 Moxiecode 1 Tinymce Compressor Php 2026-04-16 N/A
Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.
CVE-2006-0223 1 Topcmm Computing 1 123 Flash Chat Server 2026-04-16 N/A
Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attackers to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field.
CVE-2005-1925 1 Tiki 1 Tikiwiki Cms\/groupware 2026-04-16 N/A
Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php.
CVE-2005-1918 2 Gnu, Redhat 4 Tar, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-04-16 N/A
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
CVE-2004-1991 1 Aldostools 1 Aldo\'s Web Server 2026-04-16 N/A
Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a .. (dot dot) in an HTTP GET request.
CVE-2002-2238 1 Kunani 1 Kunani Odbc Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in a GET request.
CVE-2006-2758 1 Jetty 1 Jetty 2026-04-16 5.3 Medium
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747.
CVE-2004-1364 1 Oracle 9 Application Server, Collaboration Suite, E-business Suite and 6 more 2026-04-16 N/A
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.