Search Results (9695 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1501 1 Gast Arbeiter 1 Gast Arbeiter 2026-04-16 N/A
Directory traversal vulnerability in the file upload CGI of Gast Arbeiter 1.3 allows remote attackers to write arbitrary files via a .. (dot dot) in the req_file parameter.
CVE-2003-1529 1 Seagull Software Systems 1 J Walk Application Server 2026-04-16 N/A
Directory traversal vulnerability in Seagull Software Systems J Walk application server 3.2C9, and other versions before 3.3c4, allows remote attackers to read arbitrary files via a ".%252e" (encoded dot dot) in the URL.
CVE-2003-1537 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php.
CVE-2005-2792 1 Phpldapadmin Project 1 Phpldapadmin 2026-04-16 N/A
Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter.
CVE-2005-2033 1 Blue-collar Productions 1 I-gallery 2026-04-16 N/A
Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter.
CVE-2002-2269 1 Webster 1 Webster Http Server 2026-04-16 N/A
Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2005-0372 2 Gnome, Redhat 2 Gtk, Enterprise Linux 2026-04-16 N/A
Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.
CVE-2002-2292 1 Halycon Software 1 Iasp 2026-04-16 N/A
Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095.
CVE-2002-2351 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
CVE-2003-0593 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVE-2003-1373 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php.
CVE-2001-1205 1 Matrixs Cgi Vault 1 Last Lines 2026-04-16 N/A
Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via '..' sequences in the $error_log variable.
CVE-2002-2403 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences.
CVE-2001-0780 1 Cosmicperl 1 Directory Pro 2026-04-16 N/A
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.
CVE-2001-1432 1 Cherokee 1 Cherokee Httpd 2026-04-16 N/A
Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2002-2375 1 Stalker 1 Communigate Pro 2026-04-16 N/A
Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information.
CVE-2002-2387 1 Mollensoft Software 1 Hyperion Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command.
CVE-2002-2399 1 Cascadesoft 1 W3mail 2026-04-16 N/A
Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2002-2416 1 Zeroo 1 Http Server 2026-04-16 N/A
Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request.
CVE-2004-0175 2 Openbsd, Redhat 2 Openssh, Enterprise Linux 2026-04-16 N/A
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.