ReportizFlow
Filtered by vendor
Subscriptions
Total
8911 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0434 | 1 Phpxplorer | 1 Phpxplorer | 2026-04-16 | N/A |
| Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (dot dot) sequences and null bytes in the sAction parameter, a different vulnerability than CVE-2006-0244. NOTE: if the functionality of phpXplorer supports the upload of PHP files, then this issue would not cross privilege boundaries and would not be a vulnerability. | ||||
| CVE-2004-0175 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992. | ||||
| CVE-2005-2792 | 1 Phpldapadmin Project | 1 Phpldapadmin | 2026-04-16 | N/A |
| Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter. | ||||
| CVE-2006-0976 | 1 Spid | 1 Spid | 2026-04-16 | N/A |
| Directory traversal vulnerability in scan_lang_insert.php in Boris Herbiniere-Seve SPiD 1.3.1 allows remote attackers to read arbitrary files via the lang parameter. | ||||
| CVE-2006-3360 | 1 Phpsysinfo | 1 Phpsysinfo | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists. | ||||
| CVE-2003-1380 | 1 Bisonftp | 1 Bisonftp Server 4 | 2026-04-16 | N/A |
| Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command. | ||||
| CVE-2001-0054 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. | ||||
| CVE-2005-1080 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. | ||||
| CVE-2005-2378 | 1 Oracle | 1 Reports | 2026-04-16 | N/A |
| Directory traversal vulnerability in Oracle Reports allows remote attackers to read arbitrary files via an absolute or relative path to the (1) CUSTOMIZE or (2) desformat parameters to rwservlet. NOTE: vector 2 is probably the same as CVE-2006-0289, and fixed in Jan 2006 CPU. | ||||
| CVE-2005-1918 | 2 Gnu, Redhat | 4 Tar, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2026-04-16 | N/A |
| The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". | ||||
| CVE-2004-2717 | 1 Php Heaven | 1 Phpmychat | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the (1) sheet and (2) What parameters. | ||||
| CVE-2002-2269 | 1 Webster | 1 Webster Http Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2002-2240 | 1 Myserver | 1 Myserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request. | ||||
| CVE-2005-3355 | 1 Gnu | 1 Gnump3d | 2026-04-16 | N/A |
| Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values". | ||||
| CVE-2002-2238 | 1 Kunani | 1 Kunani Odbc Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in a GET request. | ||||
| CVE-2002-2233 | 1 Mollensoft Software | 1 Enceladus Server Suite | 2026-04-16 | N/A |
| Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbitrary directories and possibly cause a denial of service via "@" (at) characters in a CD (CWD) command, such as (1) "@/....\", (2) "@@@/..c:\", or (3) "@/..@/..". | ||||
| CVE-2006-0950 | 1 Unalz | 1 Unalz | 2026-04-16 | N/A |
| unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences in a filename. | ||||
| CVE-2005-4600 | 1 Moxiecode | 1 Tinymce Compressor Php | 2026-04-16 | N/A |
| Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter. | ||||
| CVE-2003-1414 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. | ||||
| CVE-2002-2399 | 1 Cascadesoft | 1 W3mail | 2026-04-16 | N/A |
| Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||