Total
6481 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0141 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-08-06 | N/A |
| Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory. | ||||
| CVE-2013-0084 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-08-06 | N/A |
| Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability." | ||||
| CVE-2014-125080 | 1 Faplanet Project | 1 Faplanet | 2024-08-06 | 5.5 Medium |
| A vulnerability has been found in frontaccounting faplanet and classified as critical. This vulnerability affects unknown code. The manipulation leads to path traversal. The patch is identified as a5dcd87f46080a624b1a9ad4b0dd035bbd24ac50. It is recommended to apply a patch to fix this issue. VDB-218398 is the identifier assigned to this vulnerability. | ||||
| CVE-2014-125068 | 1 Maps-js-icoads Project | 1 Maps-js-icoads | 2024-08-06 | 5.5 Medium |
| A vulnerability was found in saxman maps-js-icoads and classified as critical. This issue affects some unknown processing of the file http-server.js. The manipulation leads to path traversal. The patch is named 34b8b0cce2807b119f4cffda2ac48fc8f427d69a. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217643. | ||||
| CVE-2014-125069 | 1 Maps-js-icoads Project | 1 Maps-js-icoads | 2024-08-06 | 4.3 Medium |
| A vulnerability was found in saxman maps-js-icoads. It has been classified as problematic. Affected is an unknown function. The manipulation leads to exposure of information through directory listing. It is possible to launch the attack remotely. The name of the patch is 34b8b0cce2807b119f4cffda2ac48fc8f427d69a. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217644. | ||||
| CVE-2014-125033 | 1 Rails-cv-app Project | 1 Rails-cv-app | 2024-08-06 | 3.5 Low |
| A vulnerability was found in rails-cv-app. It has been rated as problematic. Affected by this issue is some unknown functionality of the file app/controllers/uploaded_files_controller.rb. The manipulation with the input ../../../etc/passwd leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. The patch is identified as 0d20362af0a5f8a126f67c77833868908484a863. It is recommended to apply a patch to fix this issue. VDB-217178 is the identifier assigned to this vulnerability. | ||||
| CVE-2014-100029 | 1 Ganesha Digital Library Project | 1 Ganesha Digital Library | 2024-08-06 | N/A |
| Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme parameter. | ||||
| CVE-2014-100002 | 1 Zohocorp | 1 Manageengine Supportcenter Plus | 2024-08-06 | N/A |
| Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the attach parameter to WorkOrder.do in the file attachment for a new ticket. | ||||
| CVE-2014-100015 | 1 Solidworks | 1 Product Data Management | 2024-08-06 | N/A |
| Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. (dot dot) in the filename in a file upload. | ||||
| CVE-2014-10396 | 1 Organizedthemes | 1 Epic | 2024-08-06 | 7.5 High |
| The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php. | ||||
| CVE-2014-10390 | 1 Wpsupportplus | 1 Wp Support Plus Responsive Ticket System | 2024-08-06 | N/A |
| The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal. | ||||
| CVE-2014-10397 | 1 Para | 1 Antioch | 2024-08-06 | 7.5 High |
| The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php. | ||||
| CVE-2014-10073 | 2 Debian, Wpitchoune | 2 Debian Linux, Psensor | 2024-08-06 | 7.5 High |
| The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory. | ||||
| CVE-2014-10037 | 1 Domphp | 1 Domphp | 2024-08-06 | N/A |
| Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. (dot dot) in the url parameter to photoalbum/index.php. | ||||
| CVE-2014-10010 | 1 Phpjabbers | 1 Appointment Scheduler | 2024-08-06 | N/A |
| Directory traversal vulnerability in PHPJabbers Appointment Scheduler 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a pjActionDownload action to the pjBackup controller. | ||||
| CVE-2014-9983 | 1 Rarlab | 1 Rar | 2024-08-06 | N/A |
| Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive. | ||||
| CVE-2014-9767 | 3 Hiphop Virtual Machine For Php Project, Php, Redhat | 3 Hiphop Virtual Machine For Php, Php, Rhel Software Collections | 2024-08-06 | N/A |
| Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive. | ||||
| CVE-2014-9581 | 1 Codiad | 1 Codiad | 2024-08-06 | N/A |
| Directory traversal vulnerability in components/filemanager/download.php in Codiad 2.4.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information. | ||||
| CVE-2014-9574 | 1 Fluxbb | 1 Fluxbb | 2024-08-06 | N/A |
| Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang parameter. | ||||
| CVE-2014-9609 | 1 Netsweeper | 1 Netsweeper | 2024-08-06 | 5.3 Medium |
| Directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to list directory contents via a .. (dot dot) in the log parameter in a stats action. | ||||