649 matches found
CVE-2011-1715
Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products, allows remote attackers to read arbitrary files via ..%2f (encoded dot dot) sequences in the file parameter...
VulnCheck KEV: CVE-2010-4270
Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.210 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to 1...
SmallFTPD 1.0.3 Directory Traversal
ftp 127.0.0.1 Connected to 127.0.0.1. 220- smallftpd 1.0.3 220- check http://smallftpd.free.fr for more information 220 report bugs to [email protected] User 127.0.0.1:none: test 331 User name okay, password required...
CVE-2010-2584
The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an ht...
PT-2010-3687 · Apache · Apache Cxf
Name of the Vulnerable Software and Affected Versions: Apache CXF versions 2.0.x through 2.0.12; Apache CXF versions 2.1.x through 2.1.9; Apache CXF versions 2.2.x through 2.2.8. Description: The issue allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause ...
USN-971-1: OpenJDK vulnerabilities
It was discovered that the IcedTea plugin did not correctly check certain accesses. If a user or automated system were tricked into running a specially crafted Java applet, a remote attacker could read arbitrary files with user privileges, leading to a loss of privacy. CVE-2010-2548, CVE-2010-278...
CVE-2010-2848
CVE-2010-2848 describes a directory traversal vulnerability in the InterJoomla ArtForms (com_artforms) component for Joomla!, version 2.1b7.2 RC2. The flaw resides in assets/captcha/includes/alikon/playcode.php and allows remote attackers to read arbitrary files via a .. (dot dot) in the l parame...
Design/Logic Flaw
DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and read arbitrary files, via a trailing backslash in a URI, as demonstrated by (1) web.config\ and (2) .ascx\ files...
CVE-2010-2045
Local File Inclusion in Joomla! component FDione Form Wizard (com_dioneformwizard) 1.0.2 allows an attacker to read arbitrary server files via directory traversal in the index.php controller parameter. This vulnerability, categorized as LFI, can lead to partial information disclosure as noted by ...
Directory traversal
Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php...
CVE-2010-1983
Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information...
CVE-2010-1952
Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php...
CVE-2010-1954
Directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information...
CVE-2010-1956
Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information...
CVE-2010-1957
Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php...
CVE-2010-1955
Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php...
CVE-2010-1953
Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php...
Interspire Knowledgebase Manager 5.1.3 Cross Site Scripting / SQL Injection
!/bin/sh - Interspire Knowledge Manager - Table of Contents: Affected Software, Severity, Vendor's Description of...
Directory traversal
Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers to read arbitrary files via unknown vectors...
CVE-2009-4321
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information...