Total
9358 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0895 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2025-04-11 | N/A |
| Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors. | ||||
| CVE-2009-4725 | 1 Arabportal | 1 Arab Portal | 2025-04-11 | N/A |
| Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | ||||
| CVE-2009-4683 | 1 Scriptsez | 1 Good\/bad Vote | 2025-04-11 | N/A |
| Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-4801 | 1 Baconmap | 1 Baconmap | 2025-04-11 | N/A |
| Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filepath parameter. | ||||
| CVE-2012-6064 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-11 | N/A |
| Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files. | ||||
| CVE-2010-4634 | 1 Osticket | 1 Osticket | 2025-04-11 | N/A |
| Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php, a different vector than CVE-2005-1439. NOTE: this issue has been disputed by a reliable third party | ||||
| CVE-2013-2117 | 2 Jason A Donenfeld, Lars Hjemli | 2 Cgit, Cgit | 2025-04-11 | N/A |
| Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | ||||
| CVE-2010-4369 | 1 Awstats | 1 Awstats | 2025-04-11 | N/A |
| Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory. | ||||
| CVE-2010-4270 | 2 Joomla, Netshinesoftware | 2 Joomla\!, Com Netinvoice | 2025-04-11 | N/A |
| Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.2_10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to (1) administrator/components/com_nbill/admin.nbill.php, (2) components/com_nbill/nbill.php, (3) administrator/components/com_netinvoice/admin.netinvoice.php, or (4) components/com_netinvoice/netinvoice.php, as exploited in the wild in November 2010. | ||||
| CVE-2013-2978 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2988. | ||||
| CVE-2013-3043 | 1 Ibm | 2 Rational Software Architect Design Manager, Rhapsody Design Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files. | ||||
| CVE-2010-2112 | 1 Intervations | 1 Filecopa | 2025-04-11 | N/A |
| Directory traversal vulnerability in the FTP service in FileCOPA before 5.03 allows remote attackers to read or overwrite arbitrary files via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1602 | 2 Joomla, Zimbllc | 2 Joomla\!, Com Zimbcomment | 2025-04-11 | N/A |
| Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2013-1082 | 1 Novell | 1 Zenworks Mobile Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter. | ||||
| CVE-2013-2988 | 1 Ibm | 1 Cognos Business Intelligence | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2978. | ||||
| CVE-2010-1977 | 2 Gohigheris, Joomla | 2 Com Jwhmcs, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2010-4231 | 2 Camtron, Tecvoz | 4 Cmnc-200, Cmnc-200 Firmware, Cmnc-200 and 1 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in the web-based administration interface on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2013-7300 | 1 Craig Drummond | 1 Cantata | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301. | ||||
| CVE-2013-7240 | 2 Westerndeal, Wordpress | 2 Advanced Dewplayer, Wordpress | 2025-04-11 | N/A |
| Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter. | ||||
| CVE-2013-5648 | 1 Id | 2 Id-software, Libdigidoc | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file. | ||||