Lucene search
+L

110 matches found

Positive Technologies
Positive Technologies
added 2004/11/16 12:0 a.m.6 views

PT-2004-1119 · Unarj · Unarj

Name of the Vulnerable Software and Affected Versions: unarj affected versions not specified Description: The issue is related to a directory traversal vulnerability in the -x extract command line option. This vulnerability allows remote attackers to overwrite arbitrary files by using an arj...

5CVSS6.2AI score0.02737EPSS
Exploits0References14
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.18 views

CVE-2002-1385

openwebmailinit in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. dot dot sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that specifies additional code to be...

7.2AI score0.0041EPSS
Exploits0References5
OSV
OSV
added 2004/06/01 4:0 a.m.2 views

DEBIAN-CVE-2004-0405

CVS before 1.11 allows CVS clients to read arbitrary files via .. dot dot sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180...

5CVSS7AI score0.02354EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2004/04/17 4:0 a.m.25 views

CVE-2004-0405

CVS before 1.11 allows CVS clients to read arbitrary files via .. dot dot sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180...

5CVSS6.3AI score0.02354EPSS
Exploits0
CVE
CVE
added 2004/04/17 4:0 a.m.80 views

CVE-2004-0405

CVE-2004-0405 and related CVEs affect CVS up to version 1.11.x. The Debian/Mandrake/Gentoo/Nessus advisories describe two issues: (1) CVS pserver can be abused to view files outside the repository root by using relative pathnames containing ‘..’ (CVE-2004-0405); (2) CVS servers/clients can simila...

5CVSS6.1AI score0.02354EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linux
added 2004/04/14 1:59 p.m.7 views

security flaw

CVS before 1.11 allows CVS clients to read arbitrary files via .. dot dot sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180...

5CVSS5.9AI score0.02354EPSS
Exploits0References4
CVE
CVE
added 2003/06/11 4:0 a.m.36 views

CVE-2003-0417

CVE-2003-0417 describes a directory traversal vulnerability in Son hServer 0.2 that allows a remote attacker to read arbitrary files using modified dot-dot sequences (".|."). The issue affects the server component of Son hServer and is triggered via crafted requests that bypass normal path checks...

5CVSS6.7AI score0.02039EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2002/12/18 5:0 a.m.4 views

DEBIAN-CVE-2002-1344

Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing 1 /absolute/path or 2 .. dot dot sequences...

5CVSS7AI score0.04249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2002/08/31 12:0 a.m.6 views

PT-2002-2004 · Care 2002 · Care 2002

Name of the Vulnerable Software and Affected Versions: CARE 2002 versions prior to beta 1.0.02 Description: The issue allows remote attackers to read arbitrary files via .. dot dot sequences and null characters in the lang parameter, which is processed by a call to the include function...

5CVSS6.8AI score0.02276EPSS
Exploits1References5
CVE
CVE
added 2002/03/15 5:0 a.m.66 views

CVE-2001-1217

CVE-2001-1217 describes a directory traversal vulnerability in the PL/SQL Apache module (mod_plsql/mod_plsql) of Oracle 9i Application Server. The issue allows remote attackers to read sensitive files outside the web server’s root by crafting a request with double URL encoded sequences (..). Affe...

5CVSS8.7AI score0.54383EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder