Lucene search
K

117 matches found

OSV
OSV
added 2018/10/05 1:29 p.m.2 views

CVE-2018-1649

IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 144655...

6.5CVSS5.9AI score0.02536EPSS
Exploits0References2
OSV
OSV
added 2018/04/26 2:29 p.m.6 views

CVE-2017-1723

IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 134812...

6.5CVSS5.9AI score0.02504EPSS
Exploits0References2
OSV
OSV
added 2018/01/09 8:29 p.m.4 views

CVE-2017-1671

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 133638...

7.5CVSS5.9AI score0.02712EPSS
Exploits0References3
OSV
OSV
added 2017/12/11 9:29 p.m.3 views

CVE-2017-1548

IBM Sterling File Gateway 2.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 131288...

5.3CVSS5.9AI score0.02166EPSS
Exploits0References3
OSV
OSV
added 2017/06/23 10:29 p.m.3 views

CVE-2017-9829

'/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable, which allows remote attackers to read any file on the camera's Linux filesystem via a crafted HTTP request containing ".." sequences. This vulnerability is already verified on VIVOTEK...

7.5CVSS5.8AI score0.68744EPSS
Exploits1References1
OSV
OSV
added 2017/02/01 10:59 p.m.3 views

CVE-2016-8933

IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences /../ to view arbitrary files on the system...

6.5CVSS5.9AI score0.01812EPSS
Exploits0References2
OSV
OSV
added 2017/02/01 10:59 p.m.2 views

CVE-2016-5941

IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences /../ to view arbitrary files on the system...

5.7CVSS5.9AI score0.01595EPSS
Exploits0References2
OSV
OSV
added 2017/02/01 8:59 p.m.5 views

CVE-2016-8913

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

6.5CVSS5.9AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2011/04/10 2:51 a.m.2 views

CVE-2011-1669

Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F encoded dot dot sequences in the url parameter...

5CVSS5.8AI score0.22157EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2011/04/05 3:19 p.m.3 views

CVE-2011-1566

Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System IGSS allows remote attackers to execute arbitrary programs via ..\ dot dot backslash sequences in opcodes 1 0xa and 2 0x17 to TCP port 12397...

10CVSS6.1AI score0.66982EPSS
Exploits10References9
Prion
Prion
added 2010/01/04 5:30 p.m.17 views

Remote file inclusion

PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. dot dot sequences...

6.8CVSS7.9AI score0.01913EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2009/09/21 3:51 p.m.6 views

tomcat request dispatcher information disclosure vulnerability

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct...

5CVSS6.1AI score0.18685EPSS
Exploits1References4
Prion
Prion
added 2009/07/28 7:30 p.m.9 views

Remote file inclusion

PHP remote file inclusion vulnerability in appandreadme/navigator/index.php in School Data Navigator allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. dot dot sequences...

6.8CVSS7.9AI score0.0168EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/07/28 7:6 p.m.21 views

CVE-2009-2641

PHP remote file inclusion vulnerability in appandreadme/navigator/index.php in School Data Navigator allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. dot dot sequences...

7.4AI score0.0168EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2007/05/24 6:47 p.m.6 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

5CVSS6AI score0.90768EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2007/05/24 9:36 a.m.7 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

5CVSS6AI score0.90768EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2007/05/14 4:59 p.m.6 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

5CVSS6AI score0.90768EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2007/05/08 2:53 p.m.30 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

5CVSS6AI score0.90768EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2007/05/01 2:5 p.m.6 views

Directory traversal issue in fastjar

Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences...

2.6CVSS5.9AI score0.03827EPSS
Exploits0References4
OSV
OSV
added 2007/04/02 10:19 p.m.1 views

DEBIAN-CVE-2007-1799

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384...

6.4CVSS6.7AI score0.02269EPSS
Exploits0References1
Rows per page
Query Builder