Search Results (9566 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-10834 1 Nippon-antenna 2 Scr02hd, Scr02hd Firmware 2025-04-20 N/A
Directory traversal vulnerability in "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.
CVE-2017-1000170 1 Jqueryfiletree Project 1 Jqueryfiletree 2025-04-20 7.5 High
jqueryFileTree 2.1.5 and older Directory Traversal
CVE-2017-1000115 3 Debian, Mercurial, Redhat 9 Debian Linux, Mercurial, Enterprise Linux and 6 more 2025-04-20 N/A
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository
CVE-2017-1000062 1 Kitto Project 1 Kitto 2025-04-20 N/A
kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution
CVE-2016-8933 1 Ibm 1 Kenexa Lms 2025-04-20 N/A
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system.
CVE-2016-8913 1 Ibm 1 Kenexa Lms On Cloud 2025-04-20 N/A
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CVE-2016-8211 1 Dell 1 Emc Data Protection Advisor 2025-04-20 7.5 High
EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system.
CVE-2016-8207 1 Brocade 1 Network Advisor 2025-04-20 N/A
A Directory Traversal vulnerability in CliMonitorReportServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to read arbitrary files including files with sensitive user information.
CVE-2016-8206 1 Brocade 1 Network Advisor 2025-04-20 N/A
A Directory Traversal vulnerability in servlet SoftwareImageUpload in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to write to arbitrary files, and consequently delete the files.
CVE-2016-8205 1 Brocade 1 Network Advisor 2025-04-20 N/A
A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.
CVE-2016-8204 1 Broadcom 1 Brocade Network Advisor 2025-04-20 9.8 Critical
A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed.
CVE-2016-7982 1 Spip 1 Spip 2025-04-20 N/A
Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action.
CVE-2016-6601 1 Zohocorp 1 Webnms Framework 2025-04-20 N/A
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile.
CVE-2016-6600 1 Zohocorp 1 Webnms Framework 2025-04-20 N/A
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. (dot dot) in the fileName parameter to servlets/FileUploadServlet.
CVE-2016-5941 1 Ibm 1 Kenexa Lms 2025-04-20 N/A
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system.
CVE-2016-5803 1 Ca Technologies 1 Unified Infrastructure Management 2025-04-20 N/A
An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.
CVE-2016-5725 3 Jcraft, Microsoft, Redhat 4 Jsch, Windows, Jboss Amq and 1 more 2025-04-20 N/A
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.
CVE-2016-4987 1 Jenkins 1 Image Gallery 2025-04-20 6.5 Medium
Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.
CVE-2016-4986 1 Jenkins 1 Tap 2025-04-20 7.5 High
Directory traversal vulnerability in the TAP plugin before 1.25 in Jenkins allows remote attackers to read arbitrary files via an unspecified parameter.
CVE-2016-3151 1 Barco 6 Clickshare Csc-1, Clickshare Csc-1 Firmware, Clickshare Cse-200 and 3 more 2025-04-20 N/A
Directory traversal vulnerability in the wallpaper parsing functionality in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to read /etc/shadow via unspecified vectors.