Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1669 | 1 Phpmoneybooks | 1 Phpmoneybooks | 2014-11-18 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. | |||||
| CVE-2014-4577 | 1 Websupporter | 1 Wp Amasin - The Amazon Affiliate Shop | 2014-11-06 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in reviews.php in the WP AmASIN - The Amazon Affiliate Shop plugin 0.9.6 and earlier for WordPress allows remote attackers to read arbitrary files via a full pathname in the url parameter. | |||||
| CVE-2013-3304 | 1 Dell | 1 Equallogic Ps4000 Firmware | 2014-10-31 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Dell EqualLogic PS4000 with firmware 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI. | |||||
| CVE-2012-5242 | 1 Bananadance | 1 Banana Dance | 2014-10-24 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter in a get_template action. | |||||
| CVE-2014-5465 | 1 Werdswords | 1 Download Shortcode | 2014-09-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2014-5115 | 1 Dirphp Project | 1 Dirphp | 2014-08-27 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in DirPHP 1.0 allows remote attackers to read arbitrary files via a full pathname in the phpfile parameter to index.php. | |||||
| CVE-2014-5350 | 1 Bitdefender | 1 Gravityzone | 2014-08-20 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Bitdefender GravityZone before 5.1.11.432 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or (2) %2E%2E (encoded dot dot) in the default URI to port 7074 on the Update Server. | |||||
| CVE-2014-5197 | 1 Splunk | 1 Splunk | 2014-08-13 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd HTTP Server in Splunk Enterprise 6.1.x before 6.1.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URI, related to search ids. | |||||
| CVE-2014-3914 | 1 Rocketsoftware | 1 Rocket Servergraph | 2014-08-07 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows remote attackers to (1) create arbitrary files via a .. (dot dot) in the query parameter in a writeDataFile action to the fileRequestor servlet, execute arbitrary files via a .. (dot dot) in the query parameter in a (2) run or (3) runClear action to the fileRequestor servlet, (4) read arbitrary files via a readDataFile action to the fileRequestor servlet, (5) execute arbitrary code via a save_server_groups action to the userRequest servlet, or (6) delete arbitrary files via a del action in the fileRequestServlet servlet. | |||||
| CVE-2014-3855 | 1 Pyplate | 1 Pyplate | 2014-08-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download.py in Pyplate 0.08 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2013-6771 | 1 Splunk | 1 Splunk | 2014-08-07 | 9.3 HIGH | N/A |
| Directory traversal vulnerability in the collect script in Splunk before 5.0.5 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the file parameter. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2013-7394 is for the issue in the "runshellscript echo.sh" script. | |||||
| CVE-2014-5187 | 1 Tom M8te Plugin Project | 1 Tom-m8te Plugin | 2014-08-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1.5.3 for WordPress allows remote attackers to read arbitrary files via the file parameter to tom-download-file.php. | |||||
| CVE-2014-5181 | 1 Last.fm Rotation Plugin Project | 1 Lastfm-rotation Plugin | 2014-08-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation (lastfm-rotation) plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the snode parameter. | |||||
| CVE-2013-5757 | 1 Yealink | 1 Sip-t38g | 2014-08-04 | 4.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx. | |||||
| CVE-2013-5756 | 1 Yealink | 1 Sip-t38g | 2014-08-04 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to cgi-bin/cgiServer.exx. | |||||
| CVE-2012-6651 | 1 Vitamin Plugin Project | 1 Vitamin | 2014-08-01 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_headers.php or (2) minify.php. | |||||
| CVE-2013-6221 | 1 Hp | 1 Service Virtualization | 2014-07-18 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031. | |||||
| CVE-2014-3777 | 1 Reportico | 1 Php Report Designer | 2014-07-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Reportico PHP Report Designer before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the xmlin parameter. | |||||
| CVE-2014-4937 | 1 Bookx Plugin Project | 1 Bookx | 2014-07-14 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2014-4940 | 1 Tera Charts Plugin Project | 1 Tera-charts | 2014-07-14 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php. | |||||