Total
7421 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-0911 | 1 Dounokouno | 1 Transmitmail | 2025-04-12 | N/A |
Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling. | ||||
CVE-2014-9734 | 1 Themepunch | 1 Slider Revolution | 2025-04-12 | N/A |
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. | ||||
CVE-2014-9581 | 1 Codiad | 1 Codiad | 2025-04-12 | N/A |
Directory traversal vulnerability in components/filemanager/download.php in Codiad 2.4.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information. | ||||
CVE-2011-5310 | 1 Cherry-design | 1 Wikipad | 2025-04-12 | N/A |
Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | ||||
CVE-2014-9767 | 3 Hiphop Virtual Machine For Php Project, Php, Redhat | 3 Hiphop Virtual Machine For Php, Php, Rhel Software Collections | 2025-04-12 | N/A |
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive. | ||||
CVE-2015-3940 | 1 Schneider-electric | 1 Wonderware System Platform 2014 | 2025-04-12 | N/A |
Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
CVE-2015-1589 | 1 Archmage Project | 1 Archmage | 2025-04-12 | N/A |
Directory traversal vulnerability in arCHMage 0.2.4 allows remote attackers to write to arbitrary files via a .. (dot dot) in a CHM file. | ||||
CVE-2015-0933 | 1 Sharelatex | 1 Sharelatex | 2025-04-12 | N/A |
Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid openin_any setting is omitted, allows remote authenticated users to read arbitrary files via a \include command. | ||||
CVE-2013-6975 | 1 Cisco | 1 Nx-os | 2025-04-12 | N/A |
Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217. | ||||
CVE-2014-9447 | 2 Elfutils Project, Redhat | 2 Elfutils, Enterprise Linux | 2025-04-12 | N/A |
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program. | ||||
CVE-2014-9436 | 1 Sysaid | 1 Sysaid | 2025-04-12 | N/A |
Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile. | ||||
CVE-2015-4152 | 1 Elastic | 1 Logstash | 2025-04-12 | N/A |
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option. | ||||
CVE-2014-9452 | 1 Vdgsecurity | 1 Vdg Sense | 2025-04-12 | N/A |
Directory traversal vulnerability in VDG Security SENSE (formerly DIVA) 2.3.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI to images/. | ||||
CVE-2014-9375 | 1 Lexmark | 1 Markvision Enterprise | 2025-04-12 | N/A |
Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive. | ||||
CVE-2015-4425 | 1 Pimcore | 1 Pimcore | 2025-04-12 | N/A |
Directory traversal vulnerability in pimcore before build 3473 allows remote authenticated users with the "assets" permission to create or write to arbitrary files via a .. (dot dot) in the dir parameter to admin/asset/add-asset-compatibility. | ||||
CVE-2015-4616 | 1 Easy2map Project | 1 Easy2map | 2025-04-12 | N/A |
Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.2.5 for WordPress allows remote attackers to create arbitrary files via a .. (dot dot) in the map_id parameter. | ||||
CVE-2014-9389 | 1 Sonatype | 1 Nexus | 2025-04-12 | N/A |
Directory traversal vulnerability in Sonatype Nexus OSS and Pro before 2.11.1-01 allows remote attackers to read or write to arbitrary files via unspecified vectors. | ||||
CVE-2014-9373 | 1 Manageengine | 1 Netflow Analyzer | 2025-04-12 | N/A |
Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. (dot dot) in the filename. | ||||
CVE-2014-9461 | 1 Reality66 | 1 Cart66 Lite | 2025-04-12 | N/A |
Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the member_download action to wp-admin/admin-ajax.php. | ||||
CVE-2016-8280 | 1 Huawei | 1 Esight | 2025-04-12 | N/A |
Directory traversal vulnerability in Huawei eSight before V300R003C20SPC005 allows remote authenticated users to read arbitrary files via unspecified vectors. |