Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | |||||
| CVE-2002-2238 | 1 Kunani | 1 Kunani Odbc Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in a GET request. | |||||
| CVE-2003-1427 | 1 Netgear | 1 Fm114p | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. | |||||
| CVE-2005-1925 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php. | |||||
| CVE-2003-1542 | 1 Ondrej Jombik | 1 Phpwebfilemanager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the fm_path parameter. | |||||
| CVE-2006-0931 | 1 Pear | 1 Pear Archive Tar | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive. | |||||
| CVE-2003-0593 | 1 Opera | 1 Opera Browser | 2025-04-03 | 7.5 HIGH | N/A |
| Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | |||||
| CVE-2006-0976 | 1 Spid | 1 Spid | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in scan_lang_insert.php in Boris Herbiniere-Seve SPiD 1.3.1 allows remote attackers to read arbitrary files via the lang parameter. | |||||
| CVE-2004-2750 | 1 Jbrowser | 1 Jbrowser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in browser.php in JBrowser 1.0 through 2.1 allows remote attackers to read arbitrary files via the directory parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-3347 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346. | |||||
| CVE-2004-1364 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2025-04-03 | 8.5 HIGH | N/A |
| Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. | |||||
| CVE-2002-2375 | 1 Stalker | 1 Communigate Pro | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information. | |||||
| CVE-2006-2758 | 1 Jetty | 1 Jetty | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747. | |||||
| CVE-2004-2745 | 1 Anteco Visual Technologies | 1 Ownserver | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in Anteco Visual Technologies OwnServer 1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2002-2256 | 1 Pwins | 1 Pwins | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to read arbitrary files via Unicode characters. | |||||
| CVE-2005-1813 | 1 Futuresoft | 1 Tftp Server 2000 | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences. | |||||
| CVE-2002-2292 | 1 Halycon Software | 1 Iasp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095. | |||||
| CVE-2004-2749 | 1 2wire | 1 Homeportal | 2025-04-03 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS, but this might be a terminology error. | |||||
| CVE-2003-1345 | 1 Follett Software | 1 Webcollection Plus | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter. | |||||
| CVE-2006-0795 | 1 Thomastsoi | 1 Quirex | 2025-04-03 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the (1) quiz_head, (2) quiz_foot, and (3) template variables. | |||||