ReportizFlow
Filtered by vendor
Subscriptions
Total
8516 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-5049 | 1 Readydesk | 1 Readydesk | 2025-04-12 | N/A |
| Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk 9.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the SESID parameter in conjunction with a filename in the FNAME parameter. | ||||
| CVE-2014-0632 | 1 Emc | 1 Vplex Geosynchrony | 2025-04-12 | N/A |
| Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-9177 | 2 Redhat, Sparkjava | 3 Jboss Amq, Jboss Fuse, Spark | 2025-04-12 | N/A |
| Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2013-4054 | 1 Ibm | 1 Websphere Mq | 2025-04-12 | N/A |
| Directory traversal vulnerability in WMQ Telemetry in IBM WebSphere MQ 7.5 before 7.5.0.3 allows remote attackers to read arbitrary files via a crafted URI. | ||||
| CVE-2015-5199 | 2 Canonical, Libvdpau Project | 2 Ubuntu Linux, Libvdpau | 2025-04-12 | N/A |
| Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable. | ||||
| CVE-2014-3777 | 1 Reportico | 1 Php Report Designer | 2025-04-12 | N/A |
| Directory traversal vulnerability in Reportico PHP Report Designer before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the xmlin parameter. | ||||
| CVE-2015-2995 | 1 Sysaid | 1 Sysaid | 2025-04-12 | N/A |
| The RdsLogsEntry servlet in SysAid Help Desk before 15.2 does not properly check file extensions, which allows remote attackers to upload and execute arbitrary files via a NULL byte after the extension, as demonstrated by a .war%00 file. | ||||
| CVE-2016-0855 | 1 Advantech | 1 Webaccess | 2025-04-12 | N/A |
| Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors. | ||||
| CVE-2016-6232 | 2 Canonical, Kde | 2 Ubuntu Linux, Karchives | 2025-04-12 | N/A |
| Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. | ||||
| CVE-2014-0598 | 1 Novell | 1 Open Enterprise Server | 2025-04-12 | N/A |
| Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors. | ||||
| CVE-2016-5098 | 2 Opensuse, Phpmyadmin | 2 Opensuse, Phpmyadmin | 2025-04-12 | N/A |
| Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error. | ||||
| CVE-2016-6371 | 1 Cisco | 1 Hosted Collaboration Mediation Fulfillment | 2025-04-12 | N/A |
| Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote attackers to write to arbitrary files via a crafted URL, aka Bug ID CSCuz64717. | ||||
| CVE-2015-5482 | 1 Dev4press | 1 Gd Bbpress Attachments | 2025-04-12 | N/A |
| Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the tab parameter in the gdbbpress_attachments page to wp-admin/edit.php. | ||||
| CVE-2015-2243 | 1 Webshophun | 1 Webshop Hun | 2025-04-12 | N/A |
| Directory traversal vulnerability in Webshop hun 1.062S allows remote attackers to have unspecified impact via directory traversal sequences in the mappa parameter to index.php. | ||||
| CVE-2019-25073 | 1 Goa.design | 1 Goa | 2025-04-12 | 7.5 High |
| Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory. | ||||
| CVE-2018-25046 | 1 Cloudfoundry | 1 Archiver | 2025-04-12 | 9.1 Critical |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | ||||
| CVE-2024-57549 | 1 Cmsimple | 1 Cmsimple | 2025-04-11 | 7.5 High |
| CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request. | ||||
| CVE-2022-44564 | 1 Huawei | 2 Aslan-al10, Aslan-al10 Firmware | 2025-04-11 | 7.8 High |
| Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources. | ||||
| CVE-2020-36566 | 1 Tar-utils Project | 1 Tar-utils | 2025-04-11 | 9.1 Critical |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | ||||
| CVE-2020-36561 | 1 Unzip Project | 1 Unzip | 2025-04-11 | 9.1 Critical |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | ||||