Search Results (9720 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-2933 1 Caldera 1 Caldera 2025-04-12 N/A
Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname.
CVE-2014-3317 1 Cisco 1 Unified Communications Manager 2025-04-12 N/A
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.
CVE-2014-3319 1 Cisco 1 Unified Communications Manager 2025-04-12 N/A
Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.
CVE-2014-3323 1 Cisco 1 Unified Contact Center Enterprise 2025-04-12 N/A
Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote authenticated users to read arbitrary web-root files via a crafted URL, aka Bug ID CSCun25262.
CVE-2014-3340 1 Cisco 1 Webex Meetmenow 2025-04-12 N/A
Directory traversal vulnerability in an unspecified PHP script in the server in Cisco WebEx MeetMeNow allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCuo16166.
CVE-2014-3460 1 Microfocus 2 Sentinel, Sentinel Agent Manager 2025-04-12 N/A
Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname.
CVE-2014-3777 1 Reportico 1 Php Report Designer 2025-04-12 N/A
Directory traversal vulnerability in Reportico PHP Report Designer before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the xmlin parameter.
CVE-2014-3806 1 Vmturbo 1 Operations Manager 2025-04-12 N/A
Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter.
CVE-2014-3855 1 Pyplate 1 Pyplate 2025-04-12 N/A
Directory traversal vulnerability in download.py in Pyplate 0.08 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
CVE-2014-3864 1 Debian 1 Dpkg-dev 2025-04-12 N/A
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line.
CVE-2014-3865 1 Debian 1 Dpkg-dev 2025-04-12 N/A
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and +++ header lines or (2) a +++ header line with a blank pathname.
CVE-2014-3914 1 Rocketsoftware 1 Rocket Servergraph 2025-04-12 N/A
Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows remote attackers to (1) create arbitrary files via a .. (dot dot) in the query parameter in a writeDataFile action to the fileRequestor servlet, execute arbitrary files via a .. (dot dot) in the query parameter in a (2) run or (3) runClear action to the fileRequestor servlet, (4) read arbitrary files via a readDataFile action to the fileRequestor servlet, (5) execute arbitrary code via a save_server_groups action to the userRequest servlet, or (6) delete arbitrary files via a del action in the fileRequestServlet servlet.
CVE-2014-3975 1 Auracms 1 Auracms 2025-04-12 N/A
Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter.
CVE-2014-4384 1 Apple 1 Iphone Os 2025-04-12 N/A
Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle.
CVE-2014-4507 1 Theforeman 1 Foreman 2025-04-12 N/A
Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the dst parameter to tftp/fetch_boot_file.
CVE-2014-4577 1 Websupporter 1 Wp Amasin - The Amazon Affiliate Shop 2025-04-12 N/A
Absolute path traversal vulnerability in reviews.php in the WP AmASIN - The Amazon Affiliate Shop plugin 0.9.6 and earlier for WordPress allows remote attackers to read arbitrary files via a full pathname in the url parameter.
CVE-2014-4937 1 Bookx Plugin Project 1 Bookx 2025-04-12 N/A
Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2014-4940 1 Tera Charts Plugin Project 1 Tera-charts 2025-04-12 N/A
Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
CVE-2014-4941 1 Cross-rss Plugin Project 1 Wp-cross-rss 2025-04-12 N/A
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
CVE-2014-5005 1 Zohocorp 1 Manageengine Desktop Central 2025-04-12 N/A
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter in an LFU action to statusUpdate.