Total
7987 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0223 | 1 Topcmm Computing | 1 123 Flash Chat Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attackers to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field. | ||||
| CVE-2002-2154 | 1 Monkey-project | 1 Monkey | 2025-04-03 | N/A |
| Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences. | ||||
| CVE-2005-0253 | 1 Guillaumegardey | 1 Biborb | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to delete arbitrary files via a Delete action and .. (dot dot) sequences in the database_name parameter. | ||||
| CVE-2005-3347 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346. | ||||
| CVE-2006-1095 | 1 Apache | 1 Mod Python | 2025-04-03 | N/A |
| Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie. | ||||
| CVE-2006-0931 | 1 Pear | 1 Pear Archive Tar | 2025-04-03 | N/A |
| Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive. | ||||
| CVE-2002-2375 | 1 Stalker | 1 Communigate Pro | 2025-04-03 | N/A |
| Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information. | ||||
| CVE-2003-1380 | 1 Bisonftp | 1 Bisonftp Server 4 | 2025-04-03 | N/A |
| Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command. | ||||
| CVE-2003-1335 | 1 Kai Blankenhorn Bitfolge | 1 Simple And Nice Index File | 2025-04-03 | N/A |
| Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) before 1.2.5 allows remote attackers to download files from locations above the snif directory. | ||||
| CVE-2006-0434 | 1 Phpxplorer | 1 Phpxplorer | 2025-04-03 | N/A |
| Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (dot dot) sequences and null bytes in the sAction parameter, a different vulnerability than CVE-2006-0244. NOTE: if the functionality of phpXplorer supports the upload of PHP files, then this issue would not cross privilege boundaries and would not be a vulnerability. | ||||
| CVE-2001-0780 | 1 Cosmicperl | 1 Directory Pro | 2025-04-03 | N/A |
| Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter. | ||||
| CVE-2004-1991 | 1 Aldostools | 1 Aldo\'s Web Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a .. (dot dot) in an HTTP GET request. | ||||
| CVE-2004-1364 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2025-04-03 | N/A |
| Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. | ||||
| CVE-2006-0795 | 1 Thomastsoi | 1 Quirex | 2025-04-03 | N/A |
| Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the (1) quiz_head, (2) quiz_foot, and (3) template variables. | ||||
| CVE-2001-1432 | 1 Cherokee | 1 Cherokee Httpd | 2025-04-03 | N/A |
| Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2002-2387 | 1 Mollensoft Software | 1 Hyperion Ftp Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command. | ||||
| CVE-2006-3934 | 1 Alkacon | 1 Opencms | 2025-04-03 | N/A |
| Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter. | ||||
| CVE-2003-1465 | 1 Phorum | 1 Phorum | 2025-04-03 | N/A |
| Directory traversal vulnerability in download.php in Phorum 3.4 through 3.4.2 allows remote attackers to read arbitrary files. | ||||
| CVE-2004-1354 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | ||||
| CVE-2004-2686 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure. | ||||