21090 matches found
CVE-2011-2468
Directory traversal vulnerability in the web interface in AnyMacro Mail System G4X allows remote attackers to read arbitrary files via directory traversal sequences in a request...
CVE-2012-2605
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
CVE-2010-3306
Directory traversal vulnerability in the modURL function in instance.c in Weborf before 0.12.3 allows remote attackers to read arbitrary files via ..%2f sequences in a URI...
CVE-2017-9829
'/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable, which allows remote attackers to read any file on the camera's Linux filesystem via a crafted HTTP request containing ".." sequences. This vulnerability is already verified on VIVOTEK...
CVE-2018-10388
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
CVE-2018-10389
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet...
CVE-2010-1298
Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to read arbitrary files via directory traversal sequences in the f parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2010-1730
Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause a denial of service application crash via JavaScript that writes sequences in an infinite loop...
CVE-2010-1731
Google Chrome on the HTC Hero allows remote attackers to cause a denial of service application crash via JavaScript that writes sequences in an infinite loop...
CVE-2013-3513
Multiple cross-site request forgery CSRF vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for requests that 1 store XSS sequences or 2 delete entries...
CVE-2013-2709
Cross-site request forgery CSRF vulnerability in the FourSquare Checkins plugin before 1.3 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...
CVE-2013-2697
Cross-site request forgery CSRF vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...
CVE-2010-1082
Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magicquotesgpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the 1 theme parameter to loadStyles.php and the 2 scripts parameter to javascript/loadScripts.php. NOTE: the...
CVE-2010-1063
Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANGCODE parameter to 1 codelib/cfg/common.inc.php, 2...
CVE-2010-1061
Multiple directory traversal vulnerabilities in Phpkobo Short URL 1.01, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANGCODE parameter to 1 url/app/common.inc.php and 2 codelib/cfg/common.inc.php...
CVE-2010-1059
Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Address Book Script 1.09, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANGCODE parameter. NOTE: the provenance of this...
CVE-2015-2243
Directory traversal vulnerability in Webshop hun 1.062S allows remote attackers to have unspecified impact via directory traversal sequences in the mappa parameter to index.php...
CVE-2010-1374
Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation...
CVE-2005-3782
Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering "restart", "power", or "shutdown" sequences after t...
CVE-2005-1798
Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. dot dot sequences in an HTTP request...