Export limit exceeded: 366668 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (9701 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2472 1 Maynard Johnson 1 Oprofile 2025-04-11 N/A
Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the --save argument, related to the --session-dir argument, a different vulnerability than CVE-2011-1760.
CVE-2010-0958 1 Thomas Perez 1 Tribisur 2025-04-11 N/A
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-3100 1 Portaplus 1 Porta\+ Ftp Client 2025-04-11 N/A
Directory traversal vulnerability in Porta+ FTP Client 4.1, and possibly other versions, allows remote FTP servers to overwrite arbitrary files via a directory traversal sequences in a filename.
CVE-2012-5344 1 Kepler Lam 1 Iptools 2025-04-11 N/A
Directory traversal vulnerability in the WebServer (Thttpd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a HTTP request.
CVE-2010-0972 2 G4j.laoneo, Joomla 2 Com Gcalendar, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2012-5331 1 Nasir Khan 1 Asaancart 2025-04-11 N/A
Directory traversal vulnerability in asaanCart 0.9 allows remote attackers to include arbitrary local files via a .. (dot dot) in the page parameter to index.php.
CVE-2013-6177 1 Emc 1 Document Sciences Xpression 2025-04-11 N/A
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary files by leveraging xDashboard access.
CVE-2011-4643 1 Splunk 1 Splunk 2025-04-11 N/A
Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.
CVE-2010-1653 2 Htmlcoderhelper, Joomla 2 Com Graphics, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2011-0071 3 Microsoft, Mozilla, Redhat 5 Windows, Firefox, Seamonkey and 2 more 2025-04-11 N/A
Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.
CVE-2011-4714 1 Vvertex 1 Muster 2025-04-11 N/A
Directory traversal vulnerability in Virtual Vertex Muster before 6.20 allows remote attackers to read arbitrary files via a \.. (backslash dot dot) in the URL.
CVE-2010-1652 1 Helpcenterlive 1 Hcl 2025-04-11 N/A
Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information.
CVE-2011-4713 1 Oscss 1 Oscss 2025-04-11 N/A
Directory traversal vulnerability in catalog/content.php in osCSS2 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the _ID parameter to (1) catalog/shopping_cart.php or (2) catalog/content.php.
CVE-2009-4902 1 Muscle 1 Pcsc-lite 2025-04-11 N/A
Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted SCARD_CONTROL message data, which is improperly demarshalled. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0407.
CVE-2011-5217 1 Hitachi 2 Jp1\/serverconductor\/deploymentmanager, Serverconductor\/deploymentmanager 2025-04-11 N/A
Directory traversal vulnerability in the PXE Mtftp service in Hitachi JP1/ServerConductor/DeploymentManager before 08-55 Japanese and before 08-51 English allows remote attackers to read arbitrary files via unknown vectors.
CVE-2013-5534 1 Cisco 1 Unity Connection 2025-04-11 N/A
Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for a file that is not a valid audio file, aka Bug ID CSCuj22948.
CVE-2010-1848 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-11 N/A
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
CVE-2013-4524 1 Moodle 1 Moodle 2025-04-11 N/A
Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path.
CVE-2010-1475 2 Joomla, Ternaria 2 Joomla\!, Com Preventive 2025-04-11 N/A
Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1268 1 Fh54 1 Justvisual 2025-04-11 N/A
Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information.