Total
6477 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-1736 | 1 Hp | 1 Openview Storage Data Protector | 2024-08-06 | N/A |
Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message. | ||||
CVE-2011-1669 | 2 Mikoviny, Wordpress | 2 Wp Custom Pages, Wordpress | 2024-08-06 | N/A |
Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter. | ||||
CVE-2011-1654 | 1 Broadcom | 1 Total Defense | 2024-08-06 | N/A |
Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx. | ||||
CVE-2011-1715 | 2 Eyeos, Qooxdoo | 2 Eyeos, Qooxdoo | 2024-08-06 | N/A |
Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to read arbitrary files via ..%2f (encoded dot dot) sequences in the file parameter. | ||||
CVE-2011-1688 | 1 Bestpractical | 1 Rt | 2024-08-06 | N/A |
Directory traversal vulnerability in Best Practical Solutions RT 3.2.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allows remote attackers to read arbitrary files via a crafted HTTP request. | ||||
CVE-2011-1607 | 1 Cisco | 1 Unified Communications Manager | 2024-08-06 | N/A |
Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603. | ||||
CVE-2011-1572 | 1 Gitolite | 1 Gitolite | 2024-08-06 | N/A |
Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands. | ||||
CVE-2011-1586 | 2 Kde, Redhat | 2 Kde Sc, Enterprise Linux | 2024-08-06 | N/A |
Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000. | ||||
CVE-2011-1595 | 2 Rdesktop, Redhat | 2 Rdesktop, Enterprise Linux | 2024-08-06 | N/A |
Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname. | ||||
CVE-2011-1589 | 1 Mojolicious | 1 Mojolicious | 2024-08-06 | N/A |
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI. | ||||
CVE-2011-1566 | 1 7t | 1 Igss | 2024-08-06 | N/A |
Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397. | ||||
CVE-2011-1565 | 1 7t | 1 Igss | 2024-08-06 | N/A |
Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401. | ||||
CVE-2011-1359 | 1 Ibm | 1 Websphere Application Server | 2024-08-06 | N/A |
Directory traversal vulnerability in the administration console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41, 7.0 before 7.0.0.19, and 8.0 before 8.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
CVE-2011-1389 | 1 Ibm | 3 Rational License Key Server, Rational License Server, Telelogic License Server | 2024-08-06 | N/A |
Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server (RLKS) 8.0 through 8.1.2 allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-4135. | ||||
CVE-2011-1099 | 1 Focalmedia.net | 1 Quick Polls | 2024-08-06 | N/A |
Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p parameter in a delete action to index.php. | ||||
CVE-2011-0966 | 1 Cisco | 1 Ciscoworks Common Services | 2024-08-06 | N/A |
Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, aka Bug ID CSCto35577. | ||||
CVE-2011-0903 | 1 Awcm-cms | 1 Ar Web Content Manager | 2024-08-06 | N/A |
Multiple directory traversal vulnerabilities in AR Web Content Manager (AWCM) 2.2 allow remote attackers to read arbitrary files and possibly have other unspecified impact via a .. (dot dot) in the (1) awcm_theme or (2) awcm_lang cookie to (a) index.php or (b) header.php. | ||||
CVE-2011-0751 | 1 Nazgul | 1 Nostromo | 2024-08-06 | N/A |
Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI. | ||||
CVE-2011-0725 | 2 Canonical, Sebastian Heinlein | 2 Ubuntu Linux, Aptdaemon | 2024-08-06 | N/A |
Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface. | ||||
CVE-2011-0698 | 2 Djangoproject, Microsoft | 2 Django, Windows | 2024-08-06 | N/A |
Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays. |