Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1224 | 1 Cisco | 1 Unified Customer Voice Portal | 2025-04-11 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369. | |||||
| CVE-2010-1302 | 2 Decryptweb, Joomla | 2 Com Dwgraphs, Joomla\! | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | |||||
| CVE-2013-5648 | 1 Id | 2 Id-software, Libdigidoc | 2025-04-11 | 6.8 MEDIUM | N/A |
| Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via a filename beginning with / (slash) or \ (backslash) in a DDOC file. | |||||
| CVE-2009-4952 | 2 Serge Gebhardt, Typo3 | 2 Dir Listing, Typo3 | 2025-04-11 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the Directory Listing (dir_listing) extension 1.1.0 and earlier for TYPO3 allows remote attackers to have an unspecified impact via unknown vectors. | |||||
| CVE-2010-4617 | 2 Joomla, Kanich | 2 Joomla\!, Com Jotloader | 2025-04-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. | |||||
| CVE-2010-2018 | 1 Bukulokomedia | 1 Lokomedia Cms | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2013-1469 | 1 Piwigo | 1 Piwigo | 2025-04-11 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter. | |||||
| CVE-2013-3626 | 1 Attachmate | 1 Verastream Host Integrator | 2025-04-11 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VHI) 6.0 through 7.5 SP 1 HF 1 allows remote attackers to upload and execute arbitrary files via a crafted message. | |||||
| CVE-2012-4701 | 1 Tridium | 1 Niagara Ax | 2025-04-11 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials or (2) the guest feature. | |||||
| CVE-2013-1645 | 1 Open-xchange | 1 Open-xchange Server | 2025-04-11 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the publication template path. | |||||
| CVE-2010-2797 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple before 1.8.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addbookmark.php, a different vulnerability than CVE-2008-5642. | |||||
| CVE-2010-5280 | 2 Joomla, Joomla-cbe | 2 Joomla\!, Com Cbe | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabname parameter in a userProfile action to index.php. NOTE: this can be leveraged to execute arbitrary code by using the file upload feature. | |||||
| CVE-2013-5692 | 1 X2engine | 1 X2crm | 2025-04-11 | 8.5 HIGH | N/A |
| Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the file parameter to index.php/admin/translationManager. | |||||
| CVE-2013-0141 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-11 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory. | |||||
| CVE-2009-4000 | 1 Hp | 1 Power Manager | 2025-04-11 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter. | |||||
| CVE-2013-1082 | 1 Novell | 1 Zenworks Mobile Management | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter. | |||||
| CVE-2010-1603 | 2 Joomla, Zimbllc | 2 Joomla\!, Com Zimbcore | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-4719 | 2 Fxwebdesign, Joomla | 2 Com Jradio, Joomla\! | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | |||||
| CVE-2012-6038 | 1 Razorcms | 1 Razorcms | 2025-04-11 | 6.5 MEDIUM | N/A |
| admin/core/admin_func.php in razorCMS before 1.2.1 does not properly restrict access to certain administrator directories and files, which allows remote authenticated users to read, edit, rename, move, copy and delete files via the (1) dir parameter in a fileman or (2) filemanview action. NOTE: this issue has been referred to as a "path traversal." | |||||
| CVE-2010-1354 | 2 Joomla, Ternaria | 2 Joomla\!, Com Vjdeo | 2025-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||