Total
6435 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-5086 | 1 Bitweaver | 1 Bitweaver | 2024-09-17 | N/A |
| Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the style parameter. | ||||
| CVE-2017-16192 | 1 Getcityapi.yoehoehne Project | 1 Getcityapi.yoehoehne | 2024-09-17 | N/A |
| getcityapi.yoehoehne is a web server. getcityapi.yoehoehne is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | ||||
| CVE-2020-3381 | 1 Cisco | 5 1100-4g Integrated Services Router, 1100-4gltegb Integrated Services Router, 1100-4gltena Integrated Services Router and 2 more | 2024-09-17 | 8.8 High |
| A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access to sensitive files on a targeted system. The vulnerability is due to a lack of proper validation of files that are uploaded to an affected device. An attacker could exploit this vulnerability by uploading a crafted file to an affected system. An exploit could allow the attacker to view or modify arbitrary files on the targeted system. | ||||
| CVE-2017-16211 | 1 Lessindex Project | 1 Lessindex | 2024-09-17 | N/A |
| lessindex is a static file server. lessindex is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | ||||
| CVE-2019-7007 | 1 Avaya | 1 Aura Conferencing | 2024-09-17 | 7.5 High |
| A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server. | ||||
| CVE-2017-16200 | 1 Uv-tj-demo Project | 1 Uv-tj-demo | 2024-09-17 | N/A |
| uv-tj-demo is a static file server. uv-tj-demo is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | ||||
| CVE-2011-5310 | 1 Cherry-design | 1 Wikipad | 2024-09-17 | N/A |
| Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | ||||
| CVE-2011-4717 | 1 Zftpserver | 1 Zftpserver Suite | 2024-09-17 | N/A |
| Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command. | ||||
| CVE-2013-3541 | 1 Ovislink | 1 Airlive Wl2600cam | 2024-09-17 | N/A |
| Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive WL2600CAM and possibly other camera models allows remote attackers to read arbitrary files via a .. (dot dot) in the READ.filePath parameter. | ||||
| CVE-2022-39022 | 1 Edetw | 1 U-office Force | 2024-09-17 | 6.5 Medium |
| U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file. | ||||
| CVE-2010-0982 | 2 Joomla, Joomlamo | 2 Joomla\!, Com Cartweberp | 2024-09-17 | N/A |
| Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | ||||
| CVE-2020-7668 | 1 Compression And Archive Extensions Tz Project | 1 Compression And Archive Extensions Tz Project | 2024-09-17 | 7.5 High |
| In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". This allows an attacker to add or replace files system-wide. | ||||
| CVE-2017-12560 | 1 Hp | 1 Intelligent Management Center | 2024-09-17 | N/A |
| A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found. | ||||
| CVE-2018-19945 | 1 Qnap | 1 Qts | 2024-09-17 | 9.1 Critical |
| A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. Caused by improper limitations of a pathname to a restricted directory, this vulnerability allows for renaming arbitrary files on the target system, if exploited. QNAP have already fixed this vulnerability in the following versions: QTS 4.3.6.0895 build 20190328 (and later) QTS 4.3.4.0899 build 20190322 (and later) This issue does not affect QTS 4.4.x or QTS 4.5.x. | ||||
| CVE-2022-41780 | 1 F5 | 2 F5os-a, F5os-c | 2024-09-17 | 5.5 Medium |
| In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an attacker to read arbitrary files. | ||||
| CVE-2010-0933 | 1 Perforce | 1 Perforce Server | 2024-09-17 | N/A |
| Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (dot dot) in the argument to the "p4 add" command. | ||||
| CVE-2014-2863 | 1 Paperthin | 1 Commonspot Content Server | 2024-09-17 | N/A |
| Multiple absolute path traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a full pathname in a parameter. | ||||
| CVE-2022-0902 | 1 Abb | 14 Rmc-100, Rmc-100-lite, Rmc-100-lite Firmware and 11 more | 2024-09-17 | 8.1 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node. | ||||
| CVE-2018-12631 | 1 Redatam | 1 Redatam | 2024-09-17 | N/A |
| Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal. | ||||
| CVE-2003-1537 | 1 Postnuke Software Foundation | 1 Postnuke | 2024-09-17 | N/A |
| Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php. | ||||