| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name. |
| Directory traversal vulnerability in the web interface in Apple iPhone Configuration Web Utility 1.0 on Windows allows remote attackers to read arbitrary files via unspecified vectors. |
| Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters. |
| Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to list arbitrary directories via a .. (dot dot) in the group parameter. |
| Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. |
| Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha allows remote attackers to read arbitrary files via a .. (dot dot) in the m parameter. |
| Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie. |
| Directory traversal vulnerability in the media server in Orb Networks Orb before 2.01.0022 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP GET request. |
| Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences. |
| Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors. |
| Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the system parameter in modules/netshop/post.php; and the INCLUDE_FOLDER parameter in (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.php, and (5) forum.inc.php in modules/. |
| Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request. |
| Absolute path traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to read arbitrary files via a base64-encoded absolute path in the filename parameter. |
| Directory traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uploaded parameter. |
| Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file_path parameter ($filename variable). |
| Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors. |
| Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter. |
| Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter. |
| Directory traversal vulnerability in includes/ini.inc.php in GuestCal 2.1 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the lang parameter to index.php. |
| Directory traversal vulnerability in client/desktop/default.htm in Boxalino before 09.05.25-0421 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. |
