Total
6548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3001 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. IBM X-Force ID: 84127. | |||||
| CVE-2013-2988 | 1 Ibm | 1 Cognos Business Intelligence | 2024-11-21 | 2.6 LOW | N/A |
| Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2978. | |||||
| CVE-2013-2984 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2024-11-21 | 6.5 MEDIUM | N/A |
| Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or modify files via unspecified vectors. | |||||
| CVE-2013-2981 | 1 Ibm | 1 Data Studio | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2013-2979 | 1 Ibm | 2 Infosphere Optim Performance Manager, Optim Performance Manager | 2024-11-21 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in IBM Optim Performance Manager 4.1.1 and IBM InfoSphere Optim Performance Manager 5.x before 5.2 allows remote authenticated users to read arbitrary files via a crafted URL. | |||||
| CVE-2013-2978 | 1 Ibm | 1 Cognos Business Intelligence | 2024-11-21 | 2.1 LOW | N/A |
| Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1, 10.1.1, 10.2, and 10.2.1 allows remote authenticated users to read files by leveraging the Report Author privilege, a different vulnerability than CVE-2013-2988. | |||||
| CVE-2013-2900 | 3 Debian, Google, Microsoft | 3 Debian Linux, Chrome, Windows | 2024-11-21 | 7.5 HIGH | N/A |
| The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. | |||||
| CVE-2013-2641 | 1 Sophos | 2 Web Appliance, Web Appliance Firmware | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter. | |||||
| CVE-2013-2619 | 1 Aspen | 1 Aspen | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Aspen before 0.22 allows remote attackers to read arbitrary files via a .. (dot dot) to the default URI. | |||||
| CVE-2013-2565 | 1 Mambo-foundation | 1 Mambo Cms | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver. | |||||
| CVE-2013-2560 | 1 Foscam | 1 Fi8919w | 2024-11-21 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials. | |||||
| CVE-2013-2474 | 1 Aws-dms | 1 Aws Xms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter. | |||||
| CVE-2013-2117 | 2 Jason A Donenfeld, Lars Hjemli | 2 Cgit, Cgit | 2024-11-21 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | |||||
| CVE-2013-2085 | 1 Owncloud | 1 Owncloud | 2024-11-21 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in apps/files_trashbin/index.php in ownCloud Server before 5.0.6 allows remote authenticated users to access arbitrary files via a .. (dot dot) in the dir parameter. | |||||
| CVE-2013-2068 | 1 Redhat | 1 Cloudforms Management Engine | 2024-11-21 | 9.4 HIGH | N/A |
| Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method. | |||||
| CVE-2013-2039 | 1 Owncloud | 1 Owncloud | 2024-11-21 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in lib/files/view.php in ownCloud before 4.0.15, 4.5.x 4.5.11, and 5.x before 5.0.6 allows remote authenticated users to access arbitrary files via unspecified vectors. | |||||
| CVE-2013-1904 | 1 Roundcube | 1 Webmail | 2024-11-21 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _value parameter for the generic_message_footer setting in a save-perf action to index.php, as exploited in the wild in March 2013. | |||||
| CVE-2013-1891 | 2 Microsoft, Opencart | 2 Windows, Opencart | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed. | |||||
| CVE-2013-1806 | 1 Php-fusion | 1 Php-fusion | 2024-11-21 | 6.5 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable parameter to administration/user_fields.php or (3) file parameter to administration/db_backup.php. | |||||
| CVE-2013-1645 | 1 Open-xchange | 1 Open-xchange Server | 2024-11-21 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the publication template path. | |||||