Lucene search
K

3350 matches found

CVE
CVE
added 2004/09/01 4:0 a.m.49 views

CVE-2001-0042

The CVE-2001-0042 entry affects PHP 3.x running on Apache 1.3.6 . It describes a remote file-read vulnerability via a modified “..” path traversal that can include encoded backslash sequences ("%5c") to disclose arbitrary files. The description indicates the root cause is a dot-dot traversal vuln...

5CVSS7.2AI score0.08603EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.26 views

CVE-2002-1417

Directory traversal vulnerability in Novell NetBasic Scripting Server NSN for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence modified dot-dot, which is mapped to the directory separator...

6.3AI score0.16615EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.17 views

CVE-2002-1390

The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL...

5CVSS6.3AI score0.01427EPSS
Exploits0
CVE
CVE
added 2004/09/01 4:0 a.m.56 views

CVE-2002-0627

The CVE-2002-0627 issue concerns the Polycom ViewStation Web server prior to version 7.2.4, where authentication can be bypassed and files read through Unicode-encoded requests. The affected component is the ViewStation web server; the underlying cause is a flaw that permits bypassing access cont...

7.5CVSS7.4AI score0.01635EPSS
Exploits0References5Affected Software8
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.20 views

CVE-2002-1390

The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL...

6.5AI score0.01427EPSS
Exploits0References4
CVE
CVE
added 2004/09/01 4:0 a.m.75 views

CVE-2003-0043

Affected software: Jakarta Tomcat prior to 3.3.1a when used with JDK 1.3.1 or earlier. Root cause: processing of web.xml uses trusted privileges, enabling remote attackers to read portions of some files. Impact: information disclosure (partial). Exploitation details are not provided in the suppli...

5CVSS6.3AI score0.04049EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.28 views

CVE-2004-0122

Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files...

7.3AI score0.22467EPSS
Exploits0References6
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.20 views

CVE-2001-1386

WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a link file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension...

7.5AI score0.03037EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2004/08/12 12:0 a.m.31 views

clearswift.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------- SySS-Advisory: Clearswift Mimesweeper Path Traversal Vulnerability - ------------------------------------------------------------------- Problem discovered: July 27th 2004 Vendor...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2004/07/06 4:0 a.m.36 views

CVE-2004-0577

WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory...

6.7AI score0.01373EPSS
Exploits0References3
NVD
NVD
added 2004/06/01 4:0 a.m.20 views

CVE-2004-0405

CVS before 1.11 allows CVS clients to read arbitrary files via .. dot dot sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180...

5CVSS6.2AI score0.02354EPSS
Exploits0References9
securityvulns
securityvulns
added 2004/03/25 12:0 a.m.29 views

HP Web JetAdmin vulnerabilities.

lo all: http://sh0dan.org/files/hpjadmadv.txt Fear the vi formatting. Product: HP Web JetAdmin Version 7.5.2546 Others that use this codebase assumed vulnerable Note: Only tested on the Windows Platform. Vulnerability: Denial of Service, Upload Any file to the filesystem to a known location, Writ...

7.6AI score
Exploits0
NVD
NVD
added 2004/03/24 5:0 a.m.14 views

CVE-2004-1859

Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attackers to read arbitrary files via a .. dot dot in the URL...

5CVSS6.6AI score0.08375EPSS
Exploits1References7
NVD
NVD
added 2004/03/24 5:0 a.m.13 views

CVE-2004-1857

Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. dot dot in the setinclude parameter...

2.1CVSS6.3AI score0.86833EPSS
Exploits1References4
Cvelist
Cvelist
added 2004/03/18 5:0 a.m.15 views

CVE-2004-0302

Directory traversal vulnerability in OWLS 1.0 allows remote attackers to read arbitrary files via a .. dot dot in the 1 file parameter in index.php, 2 editfile in glossary.php, or 3 editfile in newmultiplechoice.php...

6.7AI score0.03424EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2004/03/03 5:0 a.m.19 views

CVE-2004-0129

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. dot dot sequences in the what parameter...

5CVSS6.1AI score0.09332EPSS
Exploits1References1
NVD
NVD
added 2004/03/03 5:0 a.m.17 views

CVE-2004-0129

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. dot dot sequences in the what parameter...

5CVSS6.5AI score0.09332EPSS
Exploits1References8
NVD
NVD
added 2004/02/03 5:0 a.m.19 views

CVE-2003-0817

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object...

7.5CVSS6.8AI score0.17957EPSS
Exploits0References10
Cvelist
Cvelist
added 2004/01/15 5:0 a.m.16 views

CVE-2004-0071

Directory traversal vulnerability in buildManPage in class.manpagelookup.php for PHP Man Page Lookup 1.2.0 allows remote attackers to read arbitrary files via the command parameter $cmd variable to index.php...

7AI score0.07141EPSS
Exploits0References4
NVD
NVD
added 2003/12/31 5:0 a.m.15 views

CVE-2003-1351

Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." encoded slash dot dot in the file parameter...

5CVSS6.7AI score0.01564EPSS
Exploits1References4
Rows per page
Query Builder