Filtered by CWE-22
Total 9361 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-0698 2 Djangoproject, Microsoft 2 Django, Windows 2025-04-11 N/A
Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays.
CVE-2011-0497 1 Sybase 4 Appeon For Powerbuilder, Easerver, Replication Server and 1 more 2025-04-11 N/A
Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request.
CVE-2010-5281 1 Net4visions 1 Ibrowser 2025-04-11 N/A
Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-4149 1 Freshwebmaster 1 Fresh Ftp 2025-04-11 N/A
Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE: some of these details are obtained from third party information.
CVE-2010-3930 1 Modxcms 1 Evolution 2025-04-11 N/A
Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE-2010-1427.
CVE-2010-3743 1 Rene Tegel 1 Visual Synapse 2025-04-11 N/A
Directory traversal vulnerability in Visual Synapse HTTP Server 1.0 RC1 through RC3, and 0.60 and earlier, allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
CVE-2010-3488 1 Houbysoft 1 Quickshare 2025-04-11 N/A
Directory traversal vulnerability in QuickShare 1.0 allows remote attackers to read arbitrary files via a ... (triple dot) in the URL.
CVE-2010-3487 1 Yellosoft 1 Pinky 2025-04-11 N/A
Directory traversal vulnerability in YelloSoft Pinky 1.0 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL.
CVE-2013-3923 1 Savysoda 1 Wifi Free Hd 2025-04-11 N/A
Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request.
CVE-2011-2780 1 Chyrp 1 Chyrp 2025-04-11 N/A
Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2011-2744.
CVE-2010-2143 1 Getsymphony 1 Symphony 2025-04-11 N/A
Directory traversal vulnerability in index.php in Symphony CMS 2.0.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the mode parameter.
CVE-2010-2006 1 Letodms 1 Letodms 2025-04-11 N/A
Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
CVE-2012-2293 1 Emc 2 Rsa Archer Egrc, Rsa Archer Smartsuite 2025-04-11 N/A
Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path.
CVE-2010-1920 1 Openmairie 1 Openannuaire 2025-04-11 N/A
Directory traversal vulnerability in scr/soustab.php in OpenMairie openAnnuaire 2.00, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069.
CVE-2010-1717 1 If Surfalert Project 1 If Surfalert 2025-04-11 N/A
Directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2012-4705 1 3s-software 1 Codesys Gateway-server 2025-04-11 N/A
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.
CVE-2010-1492 1 Palosanto 1 Elastix 2025-04-11 N/A
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1077 2 Vbseo, Vbulletin 2 Vbseo, Vbulletin 2025-04-11 N/A
Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.
CVE-2011-4450 1 Wikkawiki 1 Wikkawiki 2025-04-11 N/A
Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial .. (dot dot) in the file parameter, as demonstrated by the /../../wikka.config.php pathname in a download action.
CVE-2010-1060 1 Phpkobo 1 Short Url 2025-04-11 N/A
Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter.