Search Results (9657 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0676 2 Joomla, Weberr 2 Joomla\!, Com Rwcards 2025-04-11 N/A
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter.
CVE-2011-2167 2 Dovecot, Redhat 2 Dovecot, Enterprise Linux 2025-04-11 N/A
script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
CVE-2013-0911 1 Google 1 Chrome 2025-04-11 N/A
Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases.
CVE-2012-4131 1 Cisco 1 Nx-os 2025-04-11 N/A
Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164.
CVE-2010-1003 1 Efrontlearning 1 Efront 2025-04-11 N/A
Directory traversal vulnerability in www/editor/tiny_mce/langs/language.php in eFront 3.5.x through 3.5.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langname parameter.
CVE-2013-4093 1 Imperva 1 Securesphere 2025-04-11 N/A
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath field, or (2) a T/keyManagement request to plain/settings.html, which reveals a temporary path in an error message.
CVE-2013-4097 1 Ds3 1 Authentication Server 2025-04-11 N/A
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error message.
CVE-2012-0991 1 Openemr 1 Openemr 2025-04-11 N/A
Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter.
CVE-2013-1079 1 Novell 1 Zenworks Configuration Management 2025-04-11 N/A
Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 through 11.2 allows remote attackers to execute arbitrary local DLL files via a crafted web page that also calls the Initialize method.
CVE-2013-1081 1 Novell 1 Zenworks Mobile Management 2025-04-11 N/A
Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter.
CVE-2013-1084 1 Novell 1 Zenworks Configuration Management 2025-04-11 N/A
Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename parameter in a GetFile action to zenworks-unmaninv/.
CVE-2010-0533 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors.
CVE-2013-3043 1 Ibm 2 Rational Software Architect Design Manager, Rhapsody Design Manager 2025-04-11 N/A
Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files.
CVE-2010-1469 2 Joomla, Ternaria 2 Joomla\!, Com Jprojectmanager 2025-04-11 N/A
Directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1058 1 Phpkobo 1 Address Book Script 2025-04-11 N/A
Directory traversal vulnerability in codelib/cfg/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter.
CVE-2010-5286 2 Joobi, Joomla 2 Com Jstore, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1474 2 Joomla, Supachai Teasakul 2 Joomla\!, Com Sweetykeeper 2025-04-11 N/A
Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-4231 2 Camtron, Tecvoz 4 Cmnc-200, Cmnc-200 Firmware, Cmnc-200 and 1 more 2025-04-11 N/A
Directory traversal vulnerability in the web-based administration interface on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera with firmware 1.102A-008 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
CVE-2012-3011 1 Fultek 1 Wintr Scada 2025-04-11 N/A
Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request.
CVE-2012-2202 1 Ibm 3 Lotus Protector For Mail Security, Proventia Network Mail Security System, Proventia Network Mail Security System Firmware 2025-04-11 N/A
Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.