Search Results (9601 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1499 1 Bytehoard 1 Bytehoard 2026-04-16 N/A
Directory traversal vulnerability in index.php in Bytehoard 0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the infolder parameter.
CVE-2003-1414 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2026-04-16 N/A
Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter.
CVE-2003-1380 1 Bisonftp 1 Bisonftp Server 4 2026-04-16 N/A
Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command.
CVE-2003-1335 1 Kai Blankenhorn Bitfolge 1 Simple And Nice Index File 2026-04-16 N/A
Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) before 1.2.5 allows remote attackers to download files from locations above the snif directory.
CVE-2004-0847 1 Microsoft 1 Asp.net 2026-04-16 N/A
The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Validation Vulnerability."
CVE-2006-1746 1 Tincan 1 Phplist 2026-04-16 N/A
Directory traversal vulnerability in PHPList 2.10.2 and earlier allows remote attackers to include arbitrary local files via the (1) GLOBALS[database_module] or (2) GLOBALS[language_module] parameters, which overwrite the underlying $GLOBALS variable.
CVE-2005-1813 1 Futuresoft 1 Tftp Server 2000 2026-04-16 N/A
Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences.
CVE-2006-2337 1 D-link 1 Dsl-g604t 2026-04-16 N/A
Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter.
CVE-2005-1925 1 Tiki 1 Tikiwiki Cms\/groupware 2026-04-16 N/A
Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php.
CVE-2002-2269 1 Webster 1 Webster Http Server 2026-04-16 N/A
Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2004-1927 1 Tiki 1 Tikiwiki Cms\/groupware 2026-04-16 N/A
Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter.
CVE-2005-2033 1 Blue-collar Productions 1 I-gallery 2026-04-16 N/A
Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter.
CVE-2006-3934 1 Alkacon 1 Opencms 2026-04-16 N/A
Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter.
CVE-2004-1364 1 Oracle 9 Application Server, Collaboration Suite, E-business Suite and 6 more 2026-04-16 N/A
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
CVE-2002-2292 1 Halycon Software 1 Iasp 2026-04-16 N/A
Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095.
CVE-2005-0253 1 Guillaumegardey 1 Biborb 2026-04-16 N/A
Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to delete arbitrary files via a Delete action and .. (dot dot) sequences in the database_name parameter.
CVE-2005-1080 2 Redhat, Sun 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more 2026-04-16 N/A
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.
CVE-2005-2792 1 Phpldapadmin Project 1 Phpldapadmin 2026-04-16 N/A
Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter.
CVE-2003-1529 1 Seagull Software Systems 1 J Walk Application Server 2026-04-16 N/A
Directory traversal vulnerability in Seagull Software Systems J Walk application server 3.2C9, and other versions before 3.3c4, allows remote attackers to read arbitrary files via a ".%252e" (encoded dot dot) in the URL.
CVE-2005-3355 1 Gnu 1 Gnump3d 2026-04-16 N/A
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values".