CVE-2026-28517

openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in reportnetworkmap.php. The application retrieves the 'dot' configuration parameter from the database and passes it directly to exec without validation or sanitization. If an attacker can modify the...

VulnCheck KEV: CVE-2005-2848

Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. dot dot in the f parameter...

Apache Storm Directory Traversal Vulnerability

Apache Storm is the United States Apache Apache Software Foundation of a set of Clojure Concurrent Programming Language development of free open-source distributed real-time computing system. log viewer is one of the log viewer tool. A directory traversal vulnerability exists in the log viewer in...

UBUNTU-CVE-2013-2085

Directory traversal vulnerability in apps/filestrashbin/index.php in ownCloud Server before 5.0.6 allows remote authenticated users to access arbitrary files via a .. dot dot in the dir parameter...

DEBIAN-CVE-2012-2139

Directory traversal vulnerability in lib/mail/network/deliverymethods/filedelivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. dot dot in the to parameter...

DEBIAN-CVE-2010-0287

Directory traversal vulnerability in the ACL Manager plugin plugins/acl/ajax.php in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. dot dot in the ns parameter...

CVE-2007-6528

Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. dot dot and modified filename in the movie parameter...