Total
7631 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1095 | 1 Apache | 1 Mod Python | 2025-04-03 | N/A |
| Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie. | ||||
| CVE-2006-1746 | 1 Tincan | 1 Phplist | 2025-04-03 | N/A |
| Directory traversal vulnerability in PHPList 2.10.2 and earlier allows remote attackers to include arbitrary local files via the (1) GLOBALS[database_module] or (2) GLOBALS[language_module] parameters, which overwrite the underlying $GLOBALS variable. | ||||
| CVE-2006-2337 | 1 D-link | 1 Dsl-g604t | 2025-04-03 | N/A |
| Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. | ||||
| CVE-2002-2399 | 1 Cascadesoft | 1 W3mail | 2025-04-03 | N/A |
| Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2004-1927 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | N/A |
| Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter. | ||||
| CVE-2002-2256 | 1 Pwins | 1 Pwins | 2025-04-03 | N/A |
| Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to read arbitrary files via Unicode characters. | ||||
| CVE-2006-2516 | 1 Xoops | 1 Xoops | 2025-04-03 | N/A |
| mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is enabled, allows remote attackers to overwrite variables such as $xoopsOption['nocommon'] and conduct directory traversal attacks or include PHP files via (1) xoopsConfig[language] to misc.php or (2) xoopsConfig[theme_set] to index.php, as demonstrated by injecting PHP sequences into a log file. | ||||
| CVE-2002-2292 | 1 Halycon Software | 1 Iasp | 2025-04-03 | N/A |
| Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095. | ||||
| CVE-2003-1414 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. | ||||
| CVE-2001-0925 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2025-04-03 | N/A |
| The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex. | ||||
| CVE-2002-2269 | 1 Webster | 1 Webster Http Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2003-1427 | 1 Netgear | 1 Fm114p | 2025-04-03 | N/A |
| Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. | ||||
| CVE-2003-1430 | 3 Epic Games, Linux, Microsoft | 3 Unreal Engine, Linux Kernel, All Windows | 2025-04-03 | N/A |
| Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. | ||||
| CVE-2002-2351 | 1 Qualcomm | 1 Eudora | 2025-04-03 | N/A |
| Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot). | ||||
| CVE-2003-1499 | 1 Bytehoard | 1 Bytehoard | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php in Bytehoard 0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the infolder parameter. | ||||
| CVE-2004-2749 | 1 2wire | 1 Homeportal | 2025-04-03 | N/A |
| Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS, but this might be a terminology error. | ||||
| CVE-2004-0273 | 1 Realnetworks | 3 Realone Desktop Manager, Realone Enterprise Desktop, Realone Player | 2025-04-03 | N/A |
| Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file. | ||||
| CVE-2004-1364 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2025-04-03 | N/A |
| Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. | ||||
| CVE-2001-0780 | 1 Cosmicperl | 1 Directory Pro | 2025-04-03 | N/A |
| Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter. | ||||
| CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2025-04-03 | N/A |
| parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | ||||