694 matches found
CVE-2001-0020
Directory traversal vulnerability in Arrowpoint aka Cisco Content Services, or CSS allows local unprivileged users to read arbitrary files via a .. dot dot attack...
CVE-2001-0253
Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. dot dot attack in the show parameter...
CVE-2001-0454
Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... modified dot dot in the HTTP request...
CVE-2001-0360
Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. dot dot attack in the helpon parameter...
CVE-2001-0293
Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. dot dot in the GET command...
CVE-2001-0199
Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remote attackers to read arbitrary files via a .. dot dot attack in the HTTP GET request...
CVE-2001-0199
Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remote attackers to read arbitrary files via a .. dot dot attack in the HTTP GET request...
CVE-2000-0921
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. dot dot attack on the page parameter...
CVE-2000-0900
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. dot dot attack...
CVE-2000-0731
Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. dot dot attack...
CVE-2000-0773
Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack...
CVE-2000-0767
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability...
CVE-1999-1165
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to 1 gain root privileges via a malicious program in the .fingerrc file, or 2 read arbitrary files via symbolic links from .plan, .forward, or .project files...
CVE-1999-1437
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml...