CWE:
 

Topic
Date
Author
Med.
Horos 2.1.0 Web Portal Remote Information Disclosure / Directory Traversal
18.12.2016
Gjoko 'LiquidWorm' Krs...
Med.
Shuttle Tech ADSL Wireless 920 WM XSS / Directory Traversal
06.12.2016
Persian Hack Team
High
Apache ActiveMQ 5.11.1 / 5.13.2 Directory Traversal / Command Execution
04.12.2016
David Jorm
Low
Biesta Billing 4.0 Beta Cross Site Request Forgery / Traversal
29.11.2016
TaurusOmar
High
Crestron AM-100 1.2.1 Path Traversal / Hard-Coded Credentials
23.11.2016
Zach Lanier
Low
Atlassian Confluence AppFusions Doxygen 1.3.0 Path Traversal
22.11.2016
RCE
Med.
SAP NetWeaver AS ABAP 7.4 Directory Traversal
19.11.2016
Daria Prosochkina
Med.
Oracle Netbeans IDE 8.1 Directory Traversal
21.10.2016
hyp3rlinx
Low
SPIP 3.1.2 File Enumeration / Path Traversal
20.10.2016
Nicolas CHATELAIN
Med.
Kajona 4.7 Cross Site Scripting / Directory Traversal
17.09.2016
Tim Coen
Med.
E-Cidade 2.3.52 Directory Traversal
28.08.2016
vesp3r
Med.
WordPress 4.5.3 Core Ajax Handlers Path Traversal
22.08.2016
sumofpwn
Med.
Lepton CMS 2.2.0 / 2.2.1 Directory Traversal
17.08.2016
hyp3rlinx
Low
WebNMS Framework 5.2 SP1 Traversal / Weak Obfuscation / User Impersonation
10.08.2016
agileinfosec
Med.
PHP Power Browse 1.2 Path Traversal
06.08.2016
Manuel Mancera
Med.
Atutor 2.2.1 Path Traversal
04.08.2016
High-Tech Bridge Secur...
Med.
Avaya VOSS 4.1.0.0 SPB Traffic Traversal
28.07.2016
Dragan
Med.
PHP File Vault 0.9 Directory Traversal / File Read
26.07.2016
N_A
Med.
SAP NetWeaver AS JAVA 7.5 Directory Traversal
18.06.2016
Vahagn Vardanyan
Med.
jbFileManager Path Traversal
17.06.2016
HaHwul
Med.
Gemalto Sentinel License Manager 18.0.1 Directory Traversal
17.06.2016
Gjoko 'LiquidWorm' Krs...
Med.
SAP MII 15.0 Directory Traversal
17.05.2016
Dmitry Chastuhin
Med.
OXID eShop Path Traversal Vulnerability
05.05.2016
LSE
Med.
OXID eShop CE 4.9.7 Path Traversal / Privilege Escalation
04.05.2016
Tim Herres
High
Ovidentia Troubletickets 7.6 Remote File Inclusion
13.04.2016
bd0rk
Med.
DotCMS 3.5 Beta Directory Traversal
12.04.2016
Piaox From Pingan Prod...
Med.
Apache OpenMeetings 3.1.0 Path Traversal
31.03.2016
Andreas Lindh
High
ATutor 2.2.1 Directory Traversal / Remote Code Execution
30.03.2016
mr_me
Med.
WordPress eBook Download 1.1 Directory Traversal
22.03.2016
Wadeek
Med.
WordPress Import CSV 1.1 Directory Traversal
22.03.2016
Wadeek
Med.
Apache Tomcat 8.0.26 Limited Directory Traversal
23.02.2016
Apache Tomcat security...
High
SIMOGEO FileManager 2.3.0 Path Traversal
12.02.2016
HaHwul
High
File Replication Pro 7.2.0 Command Execution / File Disclosure / Traversal
12.02.2016
Jerold Hoong
High
D-Link DVG-N5402SP Path Traversal / Information Disclosure
05.02.2016
Karn Ganeshen
Med.
Roundcube 1.1.3 Path Traversal
15.01.2016
High-Tech Bridge Secur...
Med.
PFSense 2.2.5 Directory Traversal
19.12.2015
R-73eN
High
Ovidentia absences 2.64 Remote File Inclusion
16.12.2015
bd0rk
High
Ovidentia bulletindoc 2.9 Remote File Inclusion
16.12.2015
bd0rk
Med.
Polycom VVX-Series Path Traversal
15.12.2015
Jake Reynolds
Med.
4images 1.7.11 Path Traversal
14.12.2015
Tim Coen
Med.
bitrix.scan Bitrix 1.0.3 Path Traversal
11.12.2015
High-Tech Bridge Secur...
High
YesWiki 1 / 2 File Upload / Directory Traversal
09.12.2015
indoushka
High
WordPress Squirrel Theme 1.6.4 Remote File Inclusion
09.12.2015
indoushka
Med.
Awesome Media Gallery 1.0 Directory Traversal
08.12.2015
indoushka
High
WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion
03.12.2015
High-Tech Bridge Secur...
Low
XCart 5.2.6 Path Traversal
17.11.2015
Curesec
High
D-Link DIR-825 Buffer Overflow / Directory Traversal
17.11.2015
Samuel Huntley
High
AlegroCart 1.2.8 Local / Remote File Inclusion
16.11.2015
Curesec
Med.
ClipperCMS 1.3.0 Path Traversal
16.11.2015
Curesec
Med.
YESWIKI 0.2 Path Traversal
11.11.2015
HaHwul
Med.
Pligg CMS 2.0.2 Directory Traversal
31.10.2015
Tim Coen
Med.
Belkin Router N150 Path Traversal
20.10.2015
Rahul Pratap Singh
Med.
ElasticSearch Snapshot API Directory Traversal
16.10.2015
Multiple
Med.
F5 BigIP 10.2.4 Build 595.0 HF3 Path Traversal
13.10.2015
Karn Ganeshen
High
WordPress Font 7.5 Path Traversal
13.10.2015
David Moore
Med.
WordPress Easy2Map 1.2.9 Local File Inclusion / Directory Traversal
06.10.2015
Ibéria Medeiros
Med.
RSA OneStep 6.9 Path Traversal
30.09.2015
RSA Customer Support
High
Kirby CMS 2.1.0 Authentication Bypass / Traversal
18.09.2015
Dawid Golunski
High
Openfire 3.10.2 Remote File Inclusion
15.09.2015
hyp3rlinx
Med.
Elasticsearch 1.6.0 Directory Traversal
17.07.2015
Benjamin Smith
Med.
Pimcore CMS Build 3450 Directory Traversal
15.07.2015
Josh Foote
High
AjaxControlToolkit File Upload Directory Traversal
15.07.2015
Brian Cardinale
Med.
Simple Online Planning Tool 1.3.2 XSS / SQL Injection / Traversal
13.07.2015
Huy-Ngoc DAU
Med.
ZenPhoto 1.4.8 XSS / SQL Injection / Traversal
13.07.2015
Tim Coen
Low
Polycom RealPresence Resource Manager (RPRM) Disclosure / Traversal
27.06.2015
SEC
Med.
EMC Documentum Thumbnail Server Directory Traversal
24.06.2015
EMC
High
ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities
20.06.2015
Vulnerability Lab
Med.
Wonder CMS 0.6-Beta File Inclusion / Traversal / Disclosure
19.06.2015
indoushka
High
Audio Share 2.0.2 Cross Site Scripting / Remote File Inclusion
18.06.2015
indoushka
Med.
Bonita BPM 6.5.1 Directory Traversal / Open Redirect
10.06.2015
High-Tech Bridge Secur...
Med.
Logstash 1.4.2 Directory Traversal
10.06.2015
Colin Coghill
Low
SQLBuddy 1.3.3 Path Traversal
15.05.2015
John Page
Med.
eFront 3.6.15 Path Traversal
09.05.2015
Filippo Roncari
Med.
Album Streamer 2.0 iOS Directory Traversal Vulnerability
08.05.2015
Vulnerability Lab
Med.
ElasticSearch Directory Traversal Proof Of Concept
05.05.2015
Pedro Andujar
Med.
Honeywell XLWEB SCADA Path Traversal
24.04.2015
Martin Jartelius
Med.
BlueDragon CFChart Servlet 7.1.1.17759 Directory Traversal
21.04.2015
Mike Westmacott
Med.
Android 4.4 MTP Path Traversal
20.04.2015
Imre Rad
High
Novell ZenWorks Configuration Management 11.3.1 Code Execution / Traversal
08.04.2015
Pedro Ribeiro
Med.
Ericsson Drutt MSDP (Instance Monitor) Directory Traversal / File Access
01.04.2015
Anastasios Monachos (s...
Med.
EMC M&R (Watch4net) Device Discovery Path Traversal
20.03.2015
Han Sahin
Med.
EMC M&R (Watch4net) MIB Browser Path Traversal
20.03.2015
Han Sahin
Med.
724CMS 5.01 / 4.59 / 4.01 / 3.01 Directory Traversal
17.03.2015
Wang Jing
Med.
Webshop Hun 1.062S Directory Traversal
05.03.2015
Wang Jing
High
NetCat CMS 3.12 Remote File Inclusion
03.03.2015
Wang Jing
Med.
DSS TFTP 1.0 Path Traversal
27.02.2015
Vulnerability Lab
High
Hybris Commerce Software Suite 5.x File Disclosure / Traversal
19.02.2015
RedTeam
Med.
ES File Explorer 3.2.4.1 Path Traversal
18.02.2015
Vulnerability Lab
Low
Kaseya Browser 7.0 Android Path Traversal
30.01.2015
security-assessment
Med.
ManageEngine Firewall Analyzer 8.0 Directory Traversal / XSS
30.01.2015
AmirHadi Yazdani (Sobh...
High
ManageEngine Shell Upload / Directory Traversal
06.01.2015
Pedro Ribeiro
Med.
Docker Privilege Escalation / Path Traversal / Spoofing
13.12.2014
Multiple
High
DukaPress 2.5.2 Path Traversal
29.11.2014
Kacper Szurek
High
Paid Memberships Pro 1.7.14.2 Path Traversal
21.11.2014
Kacper Szurek
Med.
D-Link DCS-2103 Directory Traversal
18.11.2014
MustLive
Med.
webEdition 6.3.8.0 Path Traversal
18.09.2014
High-Tech Bridge Secur...
Med.
Open-Xchange 7.6.0 XSS / SSRF / Traversal
16.09.2014
Martin Heiland
High
Railo 4.2.1 Remote File Inclusion
12.09.2014
Bryan Alexander
High
JobScheduler Path Traversal
09.09.2014
Christian Schneider
High
Opendaylight 1.0 Local File Inclusion / Remote File Inclusion
13.08.2014
Gregory Pickett


CVEMAP Search Results

CVE
Details
Description
2015-02-23
Medium
CVE-2015-1589

Vendor: Archmage project
Software: Archmage
 

 
Directory traversal vulnerability in arCHMage 0.2.4 allows remote attackers to write to arbitrary files via a .. (dot dot) in a CHM file.

 
2015-02-20
Medium
CVE-2015-0878

Vendor: Almail
Software: Al-mail32
 

 
Directory traversal vulnerability in CREAR AL-Mail32 before 1.13d allows remote attackers to write to arbitrary files via a crafted filename of an attachment.

 
2015-02-16
High
CVE-2014-9375

Vendor: Lexmark
Software: Markvision e...
 

 
Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive.

 
Low
CVE-2014-6194

Vendor: IBM
Software: Change and c...
 

 
Directory traversal vulnerability in an unspecified web form in IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX007, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products allows remote authenticated users to read arbitrary files via a .. (dot dot) in a pathname.

 
2015-02-11
Medium
CVE-2015-1577

Vendor: YUBA
Software: U5cms
 

 
Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a (1) .. (dot dot) or (2) full pathname in the f parameter.

 
2015-02-06
High
CVE-2014-0604

Vendor: Attachmate
Software: Reflection f...
 

 
Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the StartLog method.

 
High
CVE-2014-0605

Vendor: Attachmate
Software: Reflection f...
 

 
Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to the SaveSettings method.

 
2015-02-03
High
CVE-2014-9574

Vendor: Fluxbb
Software: Fluxbb
 

 
Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang parameter.

 
2015-01-21
High
CVE-2014-8478

Vendor: Siemens
Software: Scalance x-3...
 

 
The web server on Siemens SCALANCE X-300 switches with firmware before 4.0 and SCALANCE X 408 switches with firmware before 4.0 allows remote attackers to cause a denial of service (reboot) via malformed HTTP requests.

 
Medium
CVE-2015-0867

Vendor: Synck graphica
Software: Download log cgi
 

 
Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3.0 and earlier allows remote attackers to read arbitrary files via a crafted filename.

 

 


Copyright 2017, cxsecurity.com