| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. |
| Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the --save argument, related to the --session-dir argument, a different vulnerability than CVE-2011-1760. |
| Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. |
| Directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| Directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. |
| Directory traversal vulnerability in the web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request. |
| Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL. |
| Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. |
| Array index error in the rose_parse_national function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by composing FAC_NATIONAL_DIGIS data that specifies a large number of digipeaters, and then sending this data to a ROSE socket. |
| Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. |
| Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple before 1.8.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addbookmark.php, a different vulnerability than CVE-2008-5642. |
| Directory traversal vulnerability in Piwik 0.6 through 0.6.3 allows remote attackers to include arbitrary local files and possibly have unspecified other impact via directory traversal sequences in a crafted data-renderer request. |
| Directory traversal vulnerability in the tetra filer application 2.3.1 and earlier for Android 4.0.3, tetra filer free application 2.3.1 and earlier for Android 4.0.3, tetra filer application 1.5.1 and earlier for Android before 4.0.3, and tetra filer free application 1.5.1 and earlier for Android before 4.0.3 allows attackers to overwrite or create arbitrary files via unspecified vectors. |
| Directory traversal vulnerability in private/file_management.php on the IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, allows remote authenticated users to list arbitrary directories and possibly have unspecified other impact via a .. (dot dot) in the DIR parameter. |
| Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename. |
| Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command. |
| Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command. |
| Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. |
| Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earlier allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SESSION[userLang] parameter to (1) elisttasks.php, (2) managepmanagers.php, (3) manageusers.php, (4) helpfunc.php, (5) managegroups.php, (6) manageprocess.php, and (7) manageusersgroups.php. |
