Total
6479 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-3324 | 2 Ibm, Microsoft | 8 Db2, Db2 Connect, Windows 2000 and 5 more | 2024-08-06 | N/A |
| Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field. | ||||
| CVE-2024-4296 | 2024-08-06 | 4.9 Medium | ||
| The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files. | ||||
| CVE-2012-3305 | 1 Ibm | 1 Websphere Application Server | 2024-08-06 | N/A |
| Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file. | ||||
| CVE-2012-3011 | 1 Fultek | 1 Wintr Scada | 2024-08-06 | N/A |
| Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request. | ||||
| CVE-2012-2919 | 1 Chevereto | 1 Chevereto | 2024-08-06 | N/A |
| Directory traversal vulnerability in Upload/engine.php in Chevereto 1.9.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the v parameter. | ||||
| CVE-2012-2421 | 2 Intuit, Microsoft | 2 Quickbooks, Internet Explorer | 2024-08-06 | N/A |
| Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote attackers to read arbitrary files in ZIP archives via a full pathname in the URI. | ||||
| CVE-2012-2215 | 1 Novell | 1 Zenworks Configuration Management | 2024-08-06 | N/A |
| Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request. | ||||
| CVE-2012-2227 | 1 Pluxml | 1 Pluxml | 2024-08-06 | N/A |
| Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter. | ||||
| CVE-2012-2202 | 1 Ibm | 3 Lotus Protector For Mail Security, Proventia Network Mail Security System, Proventia Network Mail Security System Firmware | 2024-08-06 | N/A |
| Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2012-2208 | 1 Piwigo | 1 Piwigo | 2024-08-06 | N/A |
| Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | ||||
| CVE-2012-2194 | 1 Ibm | 1 Db2 | 2024-08-06 | N/A |
| Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors. | ||||
| CVE-2012-2181 | 1 Ibm | 1 Websphere Portal | 2024-08-06 | N/A |
| Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL. | ||||
| CVE-2012-2139 | 2 Cloudforms Cloudengine, Rubygems | 2 1, Mail Gem | 2024-08-06 | N/A |
| Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter. | ||||
| CVE-2012-1917 | 1 Atmail | 1 Atmail Open | 2024-08-06 | N/A |
| compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ (dot dot slash) sequences in the unique parameter, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ..././ (dot dot dot slash dot slash) sequence. | ||||
| CVE-2012-1918 | 1 Atmail | 1 Atmail Open | 2024-08-06 | N/A |
| Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allow remote attackers to read arbitrary files via a .. (dot dot) in the Attachment[] parameter. | ||||
| CVE-2012-1839 | 1 Ajaxplorer | 1 Ajaxplorer | 2024-08-06 | N/A |
| Multiple directory traversal vulnerabilities in the Get Template feature in plugins/gui.ajax/class.AJXP_ClientDriver.php in AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) pluginName or (2) pluginPath parameter in a get_template action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-1790 | 1 Webgrind Project | 1 Webgrind | 2024-08-06 | N/A |
| Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php. | ||||
| CVE-2012-1841 | 2 Dell, Quantum | 7 Powervault Ml6000, Powervault Ml6000 Firmware, Powervault Ml6010 and 4 more | 2024-08-06 | N/A |
| Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter. | ||||
| CVE-2012-1669 | 1 Phpmoneybooks | 1 Phpmoneybooks | 2024-08-06 | N/A |
| Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | ||||
| CVE-2012-1617 | 1 Juan Ramon | 1 Osclass | 2024-08-06 | N/A |
| Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files. | ||||