Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1373 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php. | |||||
| CVE-2001-1432 | 1 Cherokee | 1 Cherokee Httpd | 2025-04-03 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2004-0273 | 1 Realnetworks | 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player | 2025-04-03 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file. | |||||
| CVE-2003-1349 | 1 Thomas Krebs | 1 Niteserver Ftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 allows remote attackers to list arbitrary directories via a "\.." (backslash dot dot) in the CD (CWD) command. | |||||
| CVE-2005-2792 | 1 Phpldapadmin Project | 1 Phpldapadmin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter. | |||||
| CVE-2005-2378 | 1 Oracle | 1 Reports | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Oracle Reports allows remote attackers to read arbitrary files via an absolute or relative path to the (1) CUSTOMIZE or (2) desformat parameters to rwservlet. NOTE: vector 2 is probably the same as CVE-2006-0289, and fixed in Jan 2006 CPU. | |||||
| CVE-2004-1354 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | |||||
| CVE-2004-1927 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter. | |||||
| CVE-2005-2033 | 1 Blue-collar Productions | 1 I-gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter. | |||||
| CVE-2005-2619 | 2 Autonomy, Ibm | 4 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk and 1 more | 2025-04-03 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview. | |||||
| CVE-2005-3548 | 1 Invision Power Services | 1 Invision Board | 2025-04-03 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Task Manager in Invision Power Board (IP.Board) 2.0.1 allows limited remote attackers to include files via a .. (dot dot) in the "Task PHP File To Run" field. | |||||
| CVE-2002-2403 | 1 Key Focus | 1 Kf Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences. | |||||
| CVE-2004-1991 | 1 Aldostools | 1 Aldo\'s Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a .. (dot dot) in an HTTP GET request. | |||||
| CVE-2001-0054 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. | |||||
| CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2025-04-03 | 4.3 MEDIUM | N/A |
| parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | |||||
| CVE-2005-0253 | 1 Guillaumegardey | 1 Biborb | 2025-04-03 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to delete arbitrary files via a Delete action and .. (dot dot) sequences in the database_name parameter. | |||||
| CVE-2006-0434 | 1 Phpxplorer | 1 Phpxplorer | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (dot dot) sequences and null bytes in the sAction parameter, a different vulnerability than CVE-2006-0244. NOTE: if the functionality of phpXplorer supports the upload of PHP files, then this issue would not cross privilege boundaries and would not be a vulnerability. | |||||
| CVE-2002-2399 | 1 Cascadesoft | 1 W3mail | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2002-2269 | 1 Webster | 1 Webster Http Server | 2025-04-03 | 9.4 HIGH | N/A |
| Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2002-2351 | 1 Qualcomm | 1 Eudora | 2025-04-03 | 6.4 MEDIUM | N/A |
| Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot). | |||||