CVE-2002-0229

Safe Mode feature safemode in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements...

CVE-2002-0232

Directory traversal vulnerability in Multi Router Traffic Grapher MRTG allows remote attackers to read portions of arbitrary files via a .. dot dot in the cfg parameter for 1 14all.cgi, 2 14all-1.1.cgi, 3 traffic.cgi, or 4 mrtg.cgi...

CVE-2002-0331

Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. dot dot in the HTTP request...

CVE-2002-0288

Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... triple dot dot in the HTTP request...

CVE-2002-0131

ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script...

CVE-2002-0129

efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message...

CVE-2002-0131

ActivePython ActiveX control for Python in the AXScript package, when used in Internet Explorer, does not prevent a script from reading files from the client's filesystem, which allows remote attackers to read arbitrary files via a malicious web page containing Python script...

CVE-2002-0138

CDRDAO 1.1.4 and 1.1.5 are affected by CVE-2002-0138: local users can read arbitrary files via the show-data command. The issue is documented in Mandrake advisory MDKSA-2005:089, which notes a patch is available for the affected packages. Exploitation details are not provided in the supplied docu...

CVE-2001-1115

The CVE-2001-1115 issue affects SIX-webboard 2.01 and earlier where generate.cgi does not properly validate the content parameter, allowing a remote attacker to perform directory traversal and read arbitrary files on the server with the web server’s permissions. This is caused by directory traver...

CVE-2002-0138

CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command...

CVE-2001-1150

Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition aka Virus Buster 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files...

CVE-2001-0321

opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter...

CVE-2001-0461

template.cgi in Free On-Line Dictionary of Computing FOLDOC allows remote attackers to read files and execute commands via shell metacharacters in the argument to template.cgi...

CVE-2001-0677

Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user...

CVE-2001-0982

Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. dot dot sequences containing "%2e" strings...

CVE-2000-0180

Sojourn search engine allows remote attackers to read arbitrary files via a .. dot dot attack...

EUVD-2001-0459

Directory traversal vulnerability in calmake.pl in PerlCal allows remote attackers to read arbitrary files via a .. dot dot in the p0 parameter...

CVE-1999-1117

CVE-1999-1117 affects IBM AIX 4.1 and 4.2 where the lquerypv component can be exploited locally to read arbitrary files by supplying a file path in the -h argument. The underlying issue is a local access vulnerability impacting confidentiality (per CVSS: Partial). No explicit exploit code, workar...

CVE-2001-0846

The provided documents describe CVE-2001-0846: Lotus Domino 5.x is vulnerable to a remote attacker who can read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf). The exact vulnerable component is not more precisely broken down beyon...

CVE-1999-1456

thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / slash character in the filename...