Search Results (9601 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-1710 1 Ramoncastro 1 Siestta 2025-04-11 N/A
Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the idioma parameter.
CVE-2010-1679 1 Debian 1 Dpkg 2025-04-11 N/A
Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.
CVE-2010-1659 2 Joomla, Webkul 2 Joomla\!, Com Ultimateportfolio 2025-04-11 N/A
Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1658 1 Code-garage 1 Com Noticeboard 2025-04-11 N/A
Directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1657 1 Recly 1 Com Smartsite 2025-04-11 N/A
Directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1653 2 Htmlcoderhelper, Joomla 2 Com Graphics, Joomla\! 2025-04-11 N/A
Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1652 1 Helpcenterlive 1 Hcl 2025-04-11 N/A
Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information.
CVE-2010-1607 2 Joomla, Paysyspro 2 Joomla\!, Com Wmi 2025-04-11 N/A
Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1603 2 Joomla, Zimbllc 2 Joomla\!, Com Zimbcore 2025-04-11 N/A
Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1602 2 Joomla, Zimbllc 2 Joomla\!, Com Zimbcomment 2025-04-11 N/A
Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
CVE-2010-1601 2 Joomla, Joomlamart 2 Joomla\!, Com Jacomment 2025-04-11 N/A
Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
CVE-2010-1589 1 Vpasp 1 Vp-asp Shopping Cart 2025-04-11 N/A
Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to determine the existence of arbitrary files via directory traversal sequences in the client's DNS hostname (aka the REMOTE_HOST variable), related to the CookielessGenerateFilename and CookielessReadFile functions.
CVE-2010-1577 1 Cisco 2 Content Delivery System, Internet Streamer 2025-04-11 N/A
Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL.
CVE-2010-1063 1 Phpkobo 1 Free Real Estate Contact Form Script 2025-04-11 N/A
Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter to (1) codelib/cfg/common.inc.php, (2) form/app/common.inc.php, and (3) staff/app/common.inc.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1062 1 Phpkobo 1 Free Real Estate Contact Form Script 2025-04-11 N/A
Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-1061 1 Phpkobo 1 Short Url 2025-04-11 N/A
Multiple directory traversal vulnerabilities in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter to (1) url/app/common.inc.php and (2) codelib/cfg/common.inc.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2011-4831 1 David Azoulay 1 Web File Browser 2025-04-11 N/A
Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action.
CVE-2012-0365 1 Cisco 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more 2025-04-11 N/A
Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009.
CVE-2011-4717 1 Zftpserver 1 Zftpserver Suite 2025-04-11 N/A
Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.
CVE-2009-2693 2 Apache, Redhat 5 Tomcat, Certificate System, Enterprise Linux and 2 more 2025-04-11 N/A
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.