Total
7850 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5345 | 4 Apache, Canonical, Debian and 1 more | 5 Tomcat, Ubuntu Linux, Debian Linux and 2 more | 2025-04-12 | N/A |
| The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character. | ||||
| CVE-2015-8358 | 1 Bitrix | 1 Mpbuilder | 2025-04-12 | N/A |
| Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php. | ||||
| CVE-2015-8357 | 1 Bitrix | 1 Xscan | 2025-04-12 | N/A |
| Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix.xscan_worker.php. | ||||
| CVE-2015-7815 | 1 Matomo | 1 Matomo | 2025-04-12 | N/A |
| Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter. | ||||
| CVE-2015-7683 | 1 Font Project | 1 Font | 2025-04-12 | N/A |
| Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPress allows remote administrators to read arbitrary files via a full pathname in the url parameter to AjaxProxy.php. | ||||
| CVE-2015-7603 | 1 Konicaminolta | 1 Ftp Utility | 2025-04-12 | N/A |
| Directory traversal vulnerability in Konica Minolta FTP Utility 1.0 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in a RETR command. | ||||
| CVE-2013-1604 | 1 Maygion | 1 Ip Camera Firmware | 2025-04-12 | N/A |
| Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI. | ||||
| CVE-2015-7602 | 1 Bisonware | 1 Bisonftp | 2025-04-12 | N/A |
| Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command. | ||||
| CVE-2015-7250 | 1 Zte | 2 Zxhn H108n R1a, Zxhn H108n R1a Firmware | 2025-04-12 | N/A |
| Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter. | ||||
| CVE-2015-7237 | 1 Mcafee | 1 Mcafee Agent | 2025-04-12 | N/A |
| Directory traversal vulnerability in the remote log viewing functionality in McAfee Agent (MA) 5.x before 5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-7037 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname. | ||||
| CVE-2015-6003 | 1 Qnap | 1 Qts | 2025-04-12 | N/A |
| Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account. | ||||
| CVE-2015-5766 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to access arbitrary filesystem locations via vectors related to asset handling. | ||||
| CVE-2015-5650 | 1 Ajaxplorer | 1 Ajaxplorer | 2025-04-12 | N/A |
| Directory traversal vulnerability in AjaXplorer 2.0 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2015-5638 | 1 Dena | 1 H20 | 2025-04-12 | N/A |
| Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL. | ||||
| CVE-2015-5472 | 1 Ibs Mappro Project | 1 Ibs Mappro | 2025-04-12 | N/A |
| Absolute path traversal vulnerability in lib/download.php in the IBS Mappro plugin before 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter. | ||||
| CVE-2015-0933 | 1 Sharelatex | 1 Sharelatex | 2025-04-12 | N/A |
| Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid openin_any setting is omitted, allows remote authenticated users to read arbitrary files via a \include command. | ||||
| CVE-2015-5353 | 1 Novius-os | 1 Novius Os | 2025-04-12 | N/A |
| Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tab parameter to admin/. | ||||
| CVE-2015-5305 | 1 Redhat | 1 Openshift | 2025-04-12 | N/A |
| Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handled before passing it to etcd. | ||||
| CVE-2015-5149 | 1 Zohocorp | 1 Manageengine Supportcenter Plus | 2025-04-12 | N/A |
| Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. (dot dot) in the component parameter in the Request component to workorder/Attachment.jsp. | ||||