Filtered by CWE-22
Total 9360 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-0653 1 Ge 3 Intelligent Platforms Proficy Hmi\/scada Cimplicity, Intelligent Platforms Proficy Process Systems, Intelligent Platforms Proficy Process Systems With Cimplicity 2025-04-11 N/A
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to read arbitrary files via a crafted packet.
CVE-2010-4153 1 Crossftp 1 Crossftp Pro 2025-04-11 N/A
Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2012-4135 1 Cisco 1 Nx-os 2025-04-11 N/A
Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275.
CVE-2011-5210 1 Limny 1 Limny 2025-04-11 N/A
Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the theme parameter.
CVE-2012-1047 1 Cyberoam 1 Cyberoam Central Console 2025-04-11 N/A
Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action.
CVE-2013-2900 3 Debian, Google, Microsoft 3 Debian Linux, Chrome, Windows 2025-04-11 N/A
The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name.
CVE-2012-4834 1 Ibm 1 Websphere Portal 2025-04-11 N/A
Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote attackers to read arbitrary files via a crafted URI.
CVE-2010-1495 2 Joomla, Matamko 2 Joomla\!, Com Matamko 2025-04-11 N/A
Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2012-3011 1 Fultek 1 Wintr Scada 2025-04-11 N/A
Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request.
CVE-2010-1494 2 Awdsolution, Joomla 2 Com Awdwall, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2009-4815 1 Solarwinds 1 Serv-u File Server 2025-04-11 N/A
Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVE-2010-0403 1 Phpgroupware 1 Phpgroupware 2025-04-11 N/A
Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.
CVE-2012-0403 1 Rsa 1 Envision 2025-04-11 N/A
Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified impact via unknown vectors.
CVE-2010-1492 1 Palosanto 1 Elastix 2025-04-11 N/A
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1219 2 Com Janews, Joomla 2 Com Janews, Joomla 2025-04-11 N/A
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0396 1 Debian 1 Dpkg 2025-04-11 N/A
Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive.
CVE-2012-5380 1 Ruby-lang 1 Ruby 2025-04-11 6.7 Medium
Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Ruby193\bin directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the Ruby installation
CVE-2011-2474 1 Sybase 1 Easerver 2025-04-11 N/A
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.
CVE-2010-1954 2 Joomla, Joomlacomponent.inetlanka 2 Joomla\!, Com Multiroot 2025-04-11 N/A
Directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-2034 2 Joomla, Percha 2 Joomla\!, Com Perchaimageattach 2025-04-11 N/A
Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.