portmon unauthorized access

It's possible to read any file by specifing it instead of configuration...

CVE-2003-0277

Directory traversal vulnerability in normalhtml.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to read arbitrary files via .. dot dot sequences in the file parameter...

CVE-2002-1460

L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST attachment, attachmentname, attachmentsize and attachmenttype, which allows remote attackers to read arbitrary files...

CVE-2003-0336

Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return CR character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora...

CVE-2003-0336

Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return CR character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora...

CVE-2003-0294

autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation...

Unauthorized reading files on phpSysInfo

/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 007 |-----------------------------------------------------------------------------| | | Unauthorized reading files on phpSysInfo |...

Nokia IPSO Vulnerability

There is a remote security vulnerability in the Nokia IPSO operating system. Anyone with access to the webgui Voyager on the Nokia IP-box can read any file on the system. For example, login as the user 'monitor' disabled by default and use the readfile.tcl to read any file:...

Nokia IPSO 3.4.x - Voyager ReadFile.TCL Remote File Reading

Nokia IPSO 3.4.x - Voyager ReadFile.TCL Remote File Reading source: https://www.securityfocus.com/bid/7426/info It has been reported that Nokia IPSO does not properly handle some types of requests through Voyager. Because of this, an attacker with access to the interface may be able to view...

Nokia IPSO 3.4.x - Voyager ReadFile.TCL Remote File Reading

source: https://www.securityfocus.com/bid/7426/info It has been reported that Nokia IPSO does not properly handle some types of requests through Voyager. Because of this, an attacker with access to the interface may be able to view potentially sensitive information...

CVE-2002-1442

The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the window's location...

CVE-2000-0590

CVE-2000-0590 affects the Poll It 2.0 CGI script. The vulnerability allows a remote attacker to read arbitrary files by supplying a file name in the data_dir parameter, with an example showing access to /etc/passwd. OpenVAS/Nessus entries corroborate arbitrary file access via the CGI. Remediation...

CVE-2002-1039

Directory traversal vulnerability in Double Choco Latte DCL before 20020706 allows remote attackers to read arbitrary files via .. dot dot sequences when downloading files from the Projects: Attachments feature...

CVE-2002-1081

The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character...

CVE-2001-1334

Blockrenderurl.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL...

CVE-2002-1498

Directory traversal vulnerability in SWServer 2.2 and earlier allows remote attackers to read arbitrary files via a URL containing .. sequences with "/" or "" characters...

CVE-2002-1523

Directory traversal vulnerability in Daniel Arenz Mini Server 2.1.6 allows remote attackers to read arbitrary files via 1 ../ dot-dot slash or 2 ..\ dot-dot backslash sequences...

CVE-2002-1534

Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share...

CVE-2003-0156

Directory traversal vulnerability in Cross-Referencing Linux LXR allows remote attackers to read arbitrary files via .. dot dot sequences in the v parameter...

CVE-2003-0156

The CVE-2003-0156 vulnerability affects Cross-Referencing Linux (LXR), specifically the CGI component handling the v parameter in the source page. The root cause is insufficient input sanitization, enabling a directory-traversal attack to read arbitrary files on the host. This is evidenced by Deb...