Lucene search
K

6507 matches found

NVD
NVD
added 2004/02/17 5:0 a.m.8 views

CVE-2004-0071

Directory traversal vulnerability in buildManPage in class.manpagelookup.php for PHP Man Page Lookup 1.2.0 allows remote attackers to read arbitrary files via the command parameter $cmd variable to index.php...

5CVSS7AI score0.07141EPSS
Exploits0References4
NVD
NVD
added 2003/12/31 5:0 a.m.11 views

CVE-2003-1489

upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery...

5CVSS6.7AI score0.00902EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2003/07/10 4:0 a.m.28 views

CVE-2003-0536

Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. dot dot sequences in the 1 template or 2 lng parameters...

3.6CVSS6.2AI score0.01473EPSS
Exploits1
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.18 views

CVE-2002-1460

L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST attachment, attachmentname, attachmentsize and attachmenttype, which allows remote attackers to read arbitrary files...

6.8AI score0.01913EPSS
Exploits0References5
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-1782

The default configuration of University of Washington IMAP daemon wu-imapd, when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user...

2.1CVSS6.4AI score0.00345EPSS
Exploits0References5
NVD
NVD
added 2002/12/31 5:0 a.m.12 views

CVE-2002-1736

Unknown vulnerability in CGINews before 1.06 allow remote attackers to read arbitrary files via "unfiltered user input."...

5CVSS6.7AI score0.01181EPSS
Exploits0References2
NVD
NVD
added 2002/11/29 5:0 a.m.14 views

CVE-2002-1311

Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...

4.6CVSS6.2AI score0.0034EPSS
Exploits0References4
OSV
OSV
added 2002/11/29 5:0 a.m.7 views

CVE-2002-1311

Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...

6.2AI score
Exploits0References5
CVE
CVE
added 2002/09/24 4:0 a.m.42 views

CVE-2002-1133

CVE-2002-1133 concerns Dino’s WebServer 2.1, where an attacker can perform a directory traversal via URL-encoded sequences (/%2f or %5c) to read arbitrary files. The root cause is improper handling of encoded path separators, enabling navigation to directories on the server and file disclosure. T...

5CVSS6.8AI score0.0182EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2002/08/31 4:0 a.m.44 views

CVE-2002-0998

The CVE-2002-0998 entry affects CARE 2002 prior to beta 1.0.02 in cafenews.php, where the lang parameter is processed by include, enabling directory traversal to read arbitrary files via .. patterns (and null chars). The issue arises in the cafenews.php include call, affecting CARE 2002’s web com...

5CVSS7.2AI score0.02276EPSS
Exploits1References4Affected Software1
exploitpack
exploitpack
added 2002/08/13 12:0 a.m.11 views

RedHat Interchange 4.8.x - Arbitrary File Read

RedHat Interchange 4.8.x - Arbitrary File Read source: https://www.securityfocus.com/bid/5453/info A vulnerability has been reported for Interchange 4.8.5 and earlier. Reportedly, Interchange may disclose contents of files to attackers. The vulnerability occurs due to the placement of the 'doc'...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/13 12:0 a.m.17 views

RedHat Interchange 4.8.x - Arbitrary File Read

source: https://www.securityfocus.com/bid/5453/info A vulnerability has been reported for Interchange 4.8.5 and earlier. Reportedly, Interchange may disclose contents of files to attackers. The vulnerability occurs due to the placement of the 'doc' folder. Reportedly, the folder will be installed...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2002/07/12 4:0 a.m.21 views

CVE-2002-0680

Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / %5C in a .. dot dot sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228...

6.6AI score0.03491EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2002/05/17 12:0 a.m.33 views

Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access

source: https://www.securityfocus.com/bid/4760/info IDS Device Manager is a web interface to the Cisco IDS systems. It is distributed and maintained by Cisco Systems. The IDS Device Manager may allow a remote user to gain access to sensitive information on the system. Due to improper handling of...

7AI score
Exploits0
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.22 views

CVE-2002-0262

Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

6.7AI score0.01868EPSS
Exploits0References3
CVE
CVE
added 2002/03/15 5:0 a.m.45 views

CVE-2001-1168

In PhpMyExplorer, Vulnerability CVE-2001-1168 is a directory traversal in index.php (chemin param) exploitable through encoded ../ sequences to read arbitrary files. Affected software: PhpMyExplorer prior to 1.2.1; vulnerable file/parameter: index.php and chemin. Impact: potential remote file dis...

5CVSS6.7AI score0.03448EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.24 views

CVE-2001-1082

Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. dot dot attack...

6.5AI score0.01423EPSS
Exploits0References1
NVD
NVD
added 2001/10/18 4:0 a.m.16 views

CVE-2001-0784

Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. dot dot attack using encoded URL characters...

5CVSS6.5AI score0.09357EPSS
Exploits1References7
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.20 views

CVE-1999-1051

Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the replymessageattach attachment parameter...

6.8AI score0.0144EPSS
Exploits1References1
NVD
NVD
added 2001/08/22 4:0 a.m.12 views

CVE-2001-1150

Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition aka Virus Buster 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files...

5CVSS6.7AI score0.02447EPSS
Exploits0References4
Rows per page
Query Builder