Total
6479 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-6064 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-08-06 | N/A |
Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files. | ||||
CVE-2012-5978 | 1 Vmware | 1 View | 2024-08-06 | N/A |
Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2012-6069 | 1 3s-software | 1 Codesys Runtime System | 2024-08-06 | N/A |
Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x allows remote attackers to read, overwrite, or create arbitrary files via a .. (dot dot) in a request to the TCP listener service. | ||||
CVE-2012-6038 | 1 Razorcms | 1 Razorcms | 2024-08-06 | N/A |
admin/core/admin_func.php in razorCMS before 1.2.1 does not properly restrict access to certain administrator directories and files, which allows remote authenticated users to read, edit, rename, move, copy and delete files via the (1) dir parameter in a fileman or (2) filemanview action. NOTE: this issue has been referred to as a "path traversal." | ||||
CVE-2012-6080 | 1 Moinmo | 1 Moinmoin | 2024-08-06 | N/A |
Directory traversal vulnerability in the _do_attachment_move function in the AttachFile action (action/AttachFile.py) in MoinMoin 1.9.3 through 1.9.5 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a file name. | ||||
CVE-2012-5907 | 1 Tomatocart | 1 Tomatocart | 2024-08-06 | N/A |
Directory traversal vulnerability in json.php in TomatoCart 1.2.0 Alpha 2 and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter in a "3" action. | ||||
CVE-2024-41628 | 2024-08-06 | 7.5 High | ||
Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. | ||||
CVE-2012-5687 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2024-08-06 | N/A |
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI. | ||||
CVE-2012-5641 | 2 Apache, Mochiweb Project | 2 Couchdb, Mochiweb | 2024-08-06 | N/A |
Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the default URI. | ||||
CVE-2012-5335 | 1 Saurabh Gupta | 1 Tiny Server | 2024-08-06 | N/A |
Directory traversal vulnerability in Tiny Server 1.1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the URI of an HTTP request. | ||||
CVE-2012-5331 | 1 Nasir Khan | 1 Asaancart | 2024-08-06 | N/A |
Directory traversal vulnerability in asaanCart 0.9 allows remote attackers to include arbitrary local files via a .. (dot dot) in the page parameter to index.php. | ||||
CVE-2012-5242 | 1 Bananadance | 1 Banana Dance | 2024-08-06 | N/A |
Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter in a get_template action. | ||||
CVE-2012-5192 | 1 Bitweaver | 1 Bitweaver | 2024-08-06 | N/A |
Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to read arbitrary files via "''%2F" (dot dot encoded slash) sequences in the overlay_type parameter. | ||||
CVE-2012-5171 | 1 Be-graph | 1 Bezip | 2024-08-06 | N/A |
Directory traversal vulnerability in Be Graph BeZIP before 3.10 allows remote attackers to create or overwrite arbitrary files via a crafted archive file. | ||||
CVE-2012-5100 | 1 Luizpicanco | 1 Hserver | 2024-08-06 | N/A |
Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO. | ||||
CVE-2012-4997 | 1 Anecms | 1 Anecms | 2024-08-06 | N/A |
Directory traversal vulnerability in acp/index.php in AneCMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter. | ||||
CVE-2012-5051 | 1 Vmware | 1 Capacityiq | 2024-08-06 | N/A |
Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2012-4940 | 1 Gecad | 1 Axigen Free Mail Server | 2024-08-06 | N/A |
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI. | ||||
CVE-2012-4915 | 2 Davistribe, Wordpress | 2 Google Doc Embedder, Wordpress | 2024-08-06 | N/A |
Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php. | ||||
CVE-2012-4878 | 1 Flatnux | 1 Flatnux | 2024-08-06 | N/A |
Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action. |