6507 matches found
CVE-2004-0071
Directory traversal vulnerability in buildManPage in class.manpagelookup.php for PHP Man Page Lookup 1.2.0 allows remote attackers to read arbitrary files via the command parameter $cmd variable to index.php...
CVE-2003-1489
upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery...
CVE-2003-0536
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. dot dot sequences in the 1 template or 2 lng parameters...
CVE-2002-1460
L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST attachment, attachmentname, attachmentsize and attachmenttype, which allows remote attackers to read arbitrary files...
CVE-2002-1782
The default configuration of University of Washington IMAP daemon wu-imapd, when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user...
CVE-2002-1736
Unknown vulnerability in CGINews before 1.06 allow remote attackers to read arbitrary files via "unfiltered user input."...
CVE-2002-1311
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...
CVE-2002-1311
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...
CVE-2002-1133
CVE-2002-1133 concerns Dino’s WebServer 2.1, where an attacker can perform a directory traversal via URL-encoded sequences (/%2f or %5c) to read arbitrary files. The root cause is improper handling of encoded path separators, enabling navigation to directories on the server and file disclosure. T...
CVE-2002-0998
The CVE-2002-0998 entry affects CARE 2002 prior to beta 1.0.02 in cafenews.php, where the lang parameter is processed by include, enabling directory traversal to read arbitrary files via .. patterns (and null chars). The issue arises in the cafenews.php include call, affecting CARE 2002’s web com...
RedHat Interchange 4.8.x - Arbitrary File Read
RedHat Interchange 4.8.x - Arbitrary File Read source: https://www.securityfocus.com/bid/5453/info A vulnerability has been reported for Interchange 4.8.5 and earlier. Reportedly, Interchange may disclose contents of files to attackers. The vulnerability occurs due to the placement of the 'doc'...
RedHat Interchange 4.8.x - Arbitrary File Read
source: https://www.securityfocus.com/bid/5453/info A vulnerability has been reported for Interchange 4.8.5 and earlier. Reportedly, Interchange may disclose contents of files to attackers. The vulnerability occurs due to the placement of the 'doc' folder. Reportedly, the folder will be installed...
CVE-2002-0680
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / %5C in a .. dot dot sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228...
Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access
source: https://www.securityfocus.com/bid/4760/info IDS Device Manager is a web interface to the Cisco IDS systems. It is distributed and maintained by Cisco Systems. The IDS Device Manager may allow a remote user to gain access to sensitive information on the system. Due to improper handling of...
CVE-2002-0262
Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2001-1168
In PhpMyExplorer, Vulnerability CVE-2001-1168 is a directory traversal in index.php (chemin param) exploitable through encoded ../ sequences to read arbitrary files. Affected software: PhpMyExplorer prior to 1.2.1; vulnerable file/parameter: index.php and chemin. Impact: potential remote file dis...
CVE-2001-1082
Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. dot dot attack...
CVE-2001-0784
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. dot dot attack using encoded URL characters...
CVE-1999-1051
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the replymessageattach attachment parameter...
CVE-2001-1150
Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition aka Virus Buster 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files...