Search Results (9695 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-0403 1 Rsa 1 Envision 2025-04-11 N/A
Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified impact via unknown vectors.
CVE-2012-0410 1 Novell 1 Groupwise 2025-04-11 N/A
Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.
CVE-2010-0403 1 Phpgroupware 1 Phpgroupware 2025-04-11 N/A
Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.
CVE-2010-0407 2 Muscle, Redhat 3 Pcsc-lite, Certificate System, Enterprise Linux 2025-04-11 N/A
Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.
CVE-2010-3867 1 Proftpd 1 Proftpd 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
CVE-2010-3102 1 3dftp 1 3d-ftp Client 2025-04-11 N/A
Directory traversal vulnerability in SiteDesigner Technologies, Inc. 3D-FTP Client 9.0 build 2, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2010-3103 1 Ftpgetter 1 Ftpgetter 2025-04-11 N/A
Directory traversal vulnerability in FTPGetter Team FTPGetter 3.51.0.05, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
CVE-2013-3598 1 Searchblox 1 Searchblox 2025-04-11 N/A
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.
CVE-2010-0620 1 Emc 1 Homebase Server 2025-04-11 N/A
Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter.
CVE-2010-1722 2 Dev.pucit.edu.pk, Joomla 2 Com Market, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-0154 1 Ibm 2 Proventia Network Mail Security System Virtual Appliance, Proventia Network Mail Security System Virtual Appliance Firmware 2025-04-11 N/A
Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the l parameter, related to an "Insecure Direct Object Reference vulnerability."
CVE-2010-0831 2 Matthias Klose, Redhat 2 Fastjar, Enterprise Linux 2025-04-11 N/A
Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.
CVE-2011-1389 1 Ibm 3 Rational License Key Server, Rational License Server, Telelogic License Server 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server (RLKS) 8.0 through 8.1.2 allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-4135.
CVE-2010-3261 1 Rsa 1 Authentication Agent For Web 2025-04-11 N/A
Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown vectors.
CVE-2010-0989 1 Pulsecms 1 Pulse Cms 2025-04-11 N/A
Directory traversal vulnerability in delete.php in Pulse CMS before 1.2.3 allows remote authenticated users to delete arbitrary files via directory traversal sequences in the f parameter.
CVE-2010-1062 1 Phpkobo 1 Free Real Estate Contact Form Script 2025-04-11 N/A
Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1077 2 Vbseo, Vbulletin 2 Vbseo, Vbulletin 2025-04-11 N/A
Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.
CVE-2012-4940 1 Gecad 1 Axigen Free Mail Server 2025-04-11 N/A
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
CVE-2010-1082 1 Openinferno 1 Oi.blogs 2025-04-11 N/A
Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the (1) theme parameter to loadStyles.php and the (2) scripts parameter to javascript/loadScripts.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2013-1082 1 Novell 1 Zenworks Mobile Management 2025-04-11 N/A
Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter.