Total
6547 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1289 | 1 Sap | 1 Netweaver | 2024-11-21 | 4.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component. | |||||
| CVE-2012-1226 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/action/fiche.php. | |||||
| CVE-2012-1221 | 1 Rabidhamster | 2 R2\/, R2\/extreme | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the telnet server in RabidHamster R2/Extreme 1.65 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the File command. | |||||
| CVE-2012-1207 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in frontend/core/engine/javascript.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter to frontend/js.php. | |||||
| CVE-2012-1196 | 1 Landesk | 1 Lenovo Thinkmanagement Console | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. (dot dot) in the filename parameter in a SetTaskLogByFile SOAP request. | |||||
| CVE-2012-1112 | 1 Open-realty | 1 Open-realty | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the select_users_template parameter to index.php. | |||||
| CVE-2012-1089 | 1 Apache | 1 Wicket | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package. | |||||
| CVE-2012-1050 | 1 Mathopd | 1 Mathopd | 2024-11-21 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the * construct for mass virtual hosting, allows remote attackers to read arbitrary files via a crafted Host header. | |||||
| CVE-2012-1047 | 1 Cyberoam | 1 Cyberoam Central Console | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action. | |||||
| CVE-2012-1025 | 1 Dream-multimedia-tv | 1 Enigma2 Webinterface | 2024-11-21 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter. | |||||
| CVE-2012-1024 | 1 Dream-multimedia-tv | 1 Enigma2 Webinterface | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2012-0998 | 1 Lepton-cms | 1 Lepton | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in account/preferences.php in LEPTON before 1.1.4 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the language parameter. | |||||
| CVE-2012-0996 | 1 11in1 | 1 11in1 | 2024-11-21 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php. | |||||
| CVE-2012-0991 | 1 Openemr | 1 Openemr | 2024-11-21 | 3.5 LOW | N/A |
| Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter. | |||||
| CVE-2012-0987 | 1 Impresscms | 1 Impresscms | 2024-11-21 | 6.0 MEDIUM | N/A |
| Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the icmsConfigPlugins[sanitizer_plugins][] parameter. | |||||
| CVE-2012-0981 | 1 Kybernetika | 1 Phpshowtime | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php. NOTE: Some of these details are obtained from third party information. | |||||
| CVE-2012-0907 | 1 Neoaxis | 1 Neoaxis Web Player | 2024-11-21 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and earlier allows user-assisted remote attackers to write arbitrary files via a .. (dot dot) in a filename in the neoaxis_web_application_win32.zip ZIP archive. | |||||
| CVE-2012-0898 | 2 Camaleo, Wordpress | 2 Myeasybackup, Wordpress | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dwn_file parameter. | |||||
| CVE-2012-0896 | 3 Count Per Day Project, Tom Braider, Wordpress | 3 Count Per Day, Count Per Day, Wordpress | 2024-11-21 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter. | |||||
| CVE-2012-0697 | 1 Hp | 1 Storageworks P2000 G3 Msa | 2024-11-21 | 10.0 HIGH | N/A |
| HP StorageWorks P2000 G3 MSA array systems have a default account, which makes it easier for remote attackers to perform administrative tasks via unspecified vectors, a different vulnerability than CVE-2011-4788. | |||||