Lucene search
K

33 matches found

Cvelist
Cvelist
added 2010/09/17 7:0 p.m.23 views

CVE-2010-3460

Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote attackers to read arbitrary files via a %5C encoded backslash in the URL...

6.7AI score0.08361EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2009/11/30 3:16 p.m.4 views

Improve cookie parsing for tomcat5

Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle 1 double quote " characters or 2 %5C encoded backslash sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable...

5CVSS6AI score0.62575EPSS
Exploits5References4
RedHat Linux
RedHat Linux
added 2008/10/21 2:52 p.m.4 views

ruby: webrick directory traversal

Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash \ path separators or case-insensitive file names, allows remote attackers to access arbitrary files via 1 "..%5c" encoded backslash...

5CVSS7.3AI score0.18163EPSS
Exploits1References4
CVE
CVE
added 2008/03/04 11:0 p.m.227 views

CVE-2008-1145

CVE-2008-1145 is a directory traversal vulnerability in WEBrick for Ruby. Affected: Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, on systems with backslash path separators or case-insensitive filenames. Exploitation via encoded backslashes ("..\" sequences) or filenames matc...

5CVSS6.6AI score0.18163EPSS
Exploits1References29Affected Software1
Prion
Prion
added 2007/11/01 4:46 p.m.17 views

Directory traversal

Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence...

5CVSS7.2AI score0.02747EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2007/06/06 10:30 a.m.19 views

Directory traversal

Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" encoded backslash sequences...

7.8CVSS7.2AI score0.16447EPSS
Exploits0References2
NVD
NVD
added 2007/06/06 10:30 a.m.18 views

CVE-2007-3075

Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" encoded backslash sequences...

7.8CVSS6.7AI score0.16447EPSS
Exploits0References2
CVE
CVE
added 2007/06/06 10:0 a.m.53 views

CVE-2007-3075

CVE-2007-3075: Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme (e.g., encoded backslash). The connected documents confirm the vulnerability description but do not spec...

7.8CVSS6.8AI score0.16447EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2007/05/24 9:36 a.m.7 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

5CVSS6AI score0.90768EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2007/05/08 2:53 p.m.30 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

5CVSS6AI score0.90768EPSS
Exploits2References4
CVE
CVE
added 2007/03/16 10:0 p.m.367 views

CVE-2007-0450

CVE-2007-0450 is a directory traversal vulnerability affecting Apache Tomcat (and Tomcat behind certain Apache proxies) where a crafted URI containing a dot-dot sequence and mixed separators (/, , and %5C) can cause unauthorized disclosure of arbitrary files. Affected products/versions include To...

5CVSS6.2AI score0.90768EPSS
Exploits2References56Affected Software2
exploitpack
exploitpack
added 2002/08/22 12:0 a.m.23 views

Abyss Web Server 1.0 - Encoded Backslash Directory Traversal

Abyss Web Server 1.0 - Encoded Backslash Directory Traversal source: https://www.securityfocus.com/bid/5547/info A directory traversal vulnerability has been reported for Abyss Web Server. The issue is related to the failure to properly process the backslash '', encoded as '%5c', character, which...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/09 12:0 a.m.9 views

Apache 2.0 - Encoded Backslash Directory Traversal

Apache 2.0 - Encoded Backslash Directory Traversal source: https://www.securityfocus.com/bid/5434/info A directory traversal vulnerability exists in Apache versions 2.0.39 and earlier on non-Unix platforms potentially including Apache compiled with CYGWIN. Platforms that may be affected by this...

7.4AI score
Exploits0
Rows per page
Query Builder