Search Results (9714 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-2979 1 Ibm 2 Infosphere Optim Performance Manager, Optim Performance Manager 2025-04-11 N/A
Directory traversal vulnerability in IBM Optim Performance Manager 4.1.1 and IBM InfoSphere Optim Performance Manager 5.x before 5.2 allows remote authenticated users to read arbitrary files via a crafted URL.
CVE-2013-2981 1 Ibm 1 Data Studio 2025-04-11 N/A
Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-2984 1 Ibm 2 Sterling B2b Integrator, Sterling File Gateway 2025-04-11 N/A
Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or modify files via unspecified vectors.
CVE-2013-2988 1 Ibm 1 Cognos Business Intelligence 2025-04-11 N/A
Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2978.
CVE-2013-3042 1 Ibm 2 Rational Software Architect Design Manager, Rhapsody Design Manager 2025-04-11 N/A
Directory traversal vulnerability in the server in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files.
CVE-2013-3043 1 Ibm 2 Rational Software Architect Design Manager, Rhapsody Design Manager 2025-04-11 N/A
Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager and Rhapsody Design Manager 3.x and 4.x before 4.0.5 allows local users to read arbitrary files via vectors involving temporary files.
CVE-2013-3921 1 Easytimestudio 1 Easy File Manager 2025-04-11 N/A
Directory traversal vulnerability in Easytime Studio Easy File Manager 1.1 for iOS allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) to the default URI.
CVE-2013-3922 1 Gummybearstudios 1 Ftp Drive \+ Http Server 2025-04-11 N/A
Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request.
CVE-2013-3923 1 Savysoda 1 Wifi Free Hd 2025-04-11 N/A
Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request.
CVE-2010-1577 1 Cisco 2 Content Delivery System, Internet Streamer 2025-04-11 N/A
Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL.
CVE-2013-4093 1 Imperva 1 Securesphere 2025-04-11 N/A
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath field, or (2) a T/keyManagement request to plain/settings.html, which reveals a temporary path in an error message.
CVE-2013-4097 1 Ds3 1 Authentication Server 2025-04-11 N/A
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error message.
CVE-2013-5011 1 Symantec 1 Endpoint Protection 2025-04-11 N/A
Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.
CVE-2013-5021 2 Abb, Ni 5 Datamanager, Labview, Labwindows and 2 more 2025-04-11 N/A
Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and earlier, the Data Analysis component in ABB DataManager 1 through 6.3.6, and other products allow remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method in the (1) CWNumEdit, (2) CWGraph, (3) CWBoolean, (4) CWSlide, or (5) CWKnob ActiveX control, in conjunction with file content in the (a) Caption or (b) FormatString property value.
CVE-2013-5022 1 Ni 4 Labview, Labwindows, Measurementstudio and 1 more 2025-04-11 N/A
Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.
CVE-2013-5107 1 Rockmongo 1 Rockmongo 2025-04-11 N/A
Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ROCK_LANG cookie, as demonstrated in a login.index action to index.php.
CVE-2013-5216 1 Capasystems 1 Performance Guard 2025-04-11 N/A
Directory traversal vulnerability in logreader/uploadreader.jsp in CapaSystems Performance Guard before 6.2.102 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-5219 1 Hot 2 Hotbox Router, Hotbox Router Firmware 2025-04-11 N/A
Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in a URI, as demonstrated by a request for /etc/passwd.
CVE-2013-5301 1 Trustport 1 Webfilter 2025-04-11 N/A
Directory traversal vulnerability in help.php in Trustport Webfilter 5.5.0.2232 allows remote attackers to read arbitrary files via a .. (dot dot) in the hf parameter.
CVE-2013-6397 2 Apache, Redhat 3 Solr, Jboss Data Grid, Jboss Enterprise Web Framework 2025-04-11 N/A
Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.