Total
6484 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-8309 | 1 Fomori | 1 Cherrymusic | 2024-08-06 | N/A |
Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download." | ||||
CVE-2015-8283 | 1 Seawell Networks | 1 Spectrum Sdc | 2024-08-06 | N/A |
Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00. | ||||
CVE-2015-8235 | 1 Call-cc | 1 Spiffy | 2024-08-06 | N/A |
Directory traversal vulnerability in Spiffy before 5.4. | ||||
CVE-2015-8228 | 1 Huawei | 10 Ar120, Ar1200, Ar150 and 7 more | 2024-08-06 | N/A |
Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors. | ||||
CVE-2015-7907 | 1 Honeywell | 2 Midas Black Firmware, Midas Firmware | 2024-08-06 | N/A |
Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors. | ||||
CVE-2015-7888 | 1 Samsung | 2 Galaxy S6 Edge, Galaxy S6 Edge Firmware | 2024-08-06 | N/A |
Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. (dot dot) in the name of a file, compressed into a zipped file named cred.zip, and downloaded to /sdcard/Download. | ||||
CVE-2015-7851 | 1 Ntp | 1 Ntp | 2024-08-06 | 6.5 Medium |
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files. | ||||
CVE-2015-7815 | 1 Matomo | 1 Matomo | 2024-08-06 | N/A |
Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter. | ||||
CVE-2015-7780 | 1 Zohocorp | 1 Manageengine Firewall Analyzer | 2024-08-06 | N/A |
Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0. | ||||
CVE-2015-7669 | 1 Easy2map | 1 Easy2map | 2024-08-06 | N/A |
Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include and execute arbitrary files via the csvfile parameter related to "upload file functionality." | ||||
CVE-2015-7683 | 1 Font Project | 1 Font | 2024-08-06 | N/A |
Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPress allows remote administrators to read arbitrary files via a full pathname in the url parameter to AjaxProxy.php. | ||||
CVE-2015-7601 | 1 Pcman\'s Ftp Server Project | 1 Pcman\'s Ftp Server | 2024-08-06 | N/A |
Directory traversal vulnerability in PCMan's FTP Server 2.0.7 allows remote attackers to read arbitrary files via a ..// (dot dot double slash) in a RETR command. | ||||
CVE-2015-7602 | 1 Bisonware | 1 Bisonftp | 2024-08-06 | N/A |
Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command. | ||||
CVE-2015-7372 | 1 Revive-adserver | 1 Revive Adserver | 2024-08-06 | N/A |
Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver before 3.2.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the layerstyle parameter. | ||||
CVE-2015-7254 | 1 Huawei | 3 Hg532e, Hg532n, Hg532s | 2024-08-06 | N/A |
Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI. | ||||
CVE-2015-7270 | 1 Dell | 4 Integrated Remote Access Controller 6, Integrated Remote Access Controller 7, Integrated Remote Access Controller 8 and 1 more | 2024-08-06 | N/A |
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal. | ||||
CVE-2015-7245 | 2 D-link, Dlink | 2 Dvg-n5402sp Firmware, Dvg-n5402sp | 2024-08-06 | N/A |
Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter. | ||||
CVE-2015-7250 | 1 Zte | 2 Zxhn H108n R1a, Zxhn H108n R1a Firmware | 2024-08-06 | N/A |
Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter. | ||||
CVE-2015-7037 | 1 Apple | 1 Iphone Os | 2024-08-06 | N/A |
Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname. | ||||
CVE-2015-7006 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-08-06 | N/A |
Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive. |