Total
6480 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6000 | 1 Tattyan | 1 Tattyan Hptown | 2024-08-06 | N/A |
| Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 allows remote attackers to read arbitrary files via a .. (dot dot) in a request. | ||||
| CVE-2013-5984 | 1 Microweber | 1 Microweber | 2024-08-06 | N/A |
| Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber before 0.830 allows remote attackers to delete arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2013-5757 | 1 Yealink | 1 Sip-t38g | 2024-08-06 | N/A |
| Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx. | ||||
| CVE-2013-5751 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
| Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2013-5756 | 1 Yealink | 1 Sip-t38g | 2024-08-06 | N/A |
| Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to cgi-bin/cgiServer.exx. | ||||
| CVE-2013-5639 | 1 Raoul Proenca | 1 Gnew | 2024-08-06 | N/A |
| Directory traversal vulnerability in users/login.php in Gnew 2013.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the gnew_language cookie. | ||||
| CVE-2013-5655 | 1 Xiaowen Huang | 1 Yingzhi Python Programming Language | 2024-08-06 | N/A |
| Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a .. (dot dot) in the default URI. | ||||
| CVE-2013-5528 | 1 Cisco | 1 Unified Communications Manager | 2024-08-06 | N/A |
| Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815. | ||||
| CVE-2024-7458 | 2 Eladmin, Elunez | 2 Eladmin, Eladmin | 2024-08-06 | 5.5 Medium |
| A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Database Management/Deployment Management. The manipulation of the argument file leads to path traversal: 'dir/../../filename'. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273551. | ||||
| CVE-2013-5219 | 1 Hot | 2 Hotbox Router, Hotbox Router Firmware | 2024-08-06 | N/A |
| Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd. | ||||
| CVE-2013-5301 | 1 Trustport | 1 Webfilter | 2024-08-06 | N/A |
| Directory traversal vulnerability in help.php in Trustport Webfilter 5.5.0.2232 allows remote attackers to read arbitrary files via a .. (dot dot) in the hf parameter. | ||||
| CVE-2013-5021 | 2 Abb, Ni | 5 Datamanager, Labview, Labwindows and 2 more | 2024-08-06 | N/A |
| Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and earlier, the Data Analysis component in ABB DataManager 1 through 6.3.6, and other products allow remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method in the (1) CWNumEdit, (2) CWGraph, (3) CWBoolean, (4) CWSlide, or (5) CWKnob ActiveX control, in conjunction with file content in the (a) Caption or (b) FormatString property value. | ||||
| CVE-2013-5107 | 1 Rockmongo | 1 Rockmongo | 2024-08-06 | N/A |
| Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ROCK_LANG cookie, as demonstrated in a login.index action to index.php. | ||||
| CVE-2013-5022 | 1 Ni | 4 Labview, Labwindows, Measurementstudio and 1 more | 2024-08-06 | N/A |
| Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value. | ||||
| CVE-2013-5011 | 1 Symantec | 1 Endpoint Protection | 2024-08-06 | N/A |
| Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory. | ||||
| CVE-2013-4855 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-08-06 | 8.8 High |
| D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. | ||||
| CVE-2013-4861 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2024-08-06 | 6.5 Medium |
| Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2013-4885 | 2 Nmap, Opensuse | 2 Nmap, Opensuse | 2024-08-06 | N/A |
| The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences. | ||||
| CVE-2013-4658 | 1 Linksys | 2 Ea6500, Ea6500 Firmware | 2024-08-06 | 9.8 Critical |
| Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. | ||||
| CVE-2013-4702 | 1 Lockon | 1 Ec-cube | 2024-08-06 | N/A |
| Multiple directory traversal vulnerabilities in the doApiAction function in data/class/api/SC_Api_Operation.php in LOCKON EC-CUBE 2.12.0 through 2.12.5 on Windows allow remote attackers to read arbitrary files via vectors involving a (1) Operation, (2) Service, (3) Style, (4) Validate, or (5) Version value. | ||||