Total
6545 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4835 | 1 Homeseer | 1 Homeseer Hs2 | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors. | |||||
| CVE-2011-4832 | 1 Caupo | 2 Cauposhop Classic, Cauposhop Pro | 2024-11-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter in a template action. | |||||
| CVE-2011-4831 | 1 David Azoulay | 1 Web File Browser | 2024-11-21 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action. | |||||
| CVE-2011-4821 | 1 Dlink | 2 Dir-601, Dir-601 Firmware | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router with firmware 1.02NA allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2011-4813 | 1 Whmcs | 1 Whmcompletesolution | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in clientarea.php in WHMCompleteSolution (WHMCS) 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ (dot dot slash) in the templatefile parameter. | |||||
| CVE-2011-4810 | 1 Whmcs | 1 Whmcompletesolution | 2024-11-21 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php. | |||||
| CVE-2011-4807 | 1 Phpalbum | 1 Phpalbum | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter. | |||||
| CVE-2011-4804 | 2 Foobla, Joomla | 2 Com Obsuggest, Joomla\! | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2011-4800 | 1 Solarwinds | 1 Serv-u File Server | 2024-11-21 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands. | |||||
| CVE-2011-4788 | 1 Hp | 3 Storageworks P2000 G3 Msa Fc\/iscsi Dual Combo Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Lff Array System, Storageworks P2000 G3 Msa Fibre Channel Dual Controller Sff Array System | 2024-11-21 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in the web interface on HP StorageWorks P2000 G3 MSA array systems allows remote attackers to read arbitrary files via a pathname in the URI. | |||||
| CVE-2011-4722 | 1 Ipswitch | 1 Tftp Server | 2024-11-21 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation. | |||||
| CVE-2011-4717 | 1 Zftpserver | 1 Zftpserver Suite | 2024-11-21 | 5.5 MEDIUM | N/A |
| Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command. | |||||
| CVE-2011-4716 | 1 Dream-multimedia-tv | 4 Dreambox Dm800 Hd Pvr, Dreambox Dm800 Hd Pvr Firmware, Dreambox Dm800 Hd Se and 1 more | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter. | |||||
| CVE-2011-4715 | 1 Koha | 2 Koha, Liblime Koha | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 before 3.6.1, and LibLime Koha 4.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the KohaOpacLanguage cookie to cgi-bin/opac/opac-main.pl, related to Output.pm. | |||||
| CVE-2011-4714 | 1 Vvertex | 1 Muster | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Virtual Vertex Muster before 6.20 allows remote attackers to read arbitrary files via a \.. (backslash dot dot) in the URL. | |||||
| CVE-2011-4713 | 1 Oscss | 1 Oscss | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in catalog/content.php in osCSS2 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the _ID parameter to (1) catalog/shopping_cart.php or (2) catalog/content.php. | |||||
| CVE-2011-4712 | 1 Monoxide0184 | 1 Oxide Webserver | 2024-11-21 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Oxide WebServer allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request. | |||||
| CVE-2011-4711 | 1 Namazu | 1 Namazu | 2024-11-21 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter. | |||||
| CVE-2011-4696 | 1 Eye | 1 Eye-fi Helper | 2024-11-21 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in Eye-Fi Helper before 3.4.23 allows man-in-the-middle attackers to create arbitrary files via a .. (dot dot) in the filesignature in a GetPhotoStatus request. | |||||
| CVE-2011-4675 | 1 Widelands | 1 Widelands | 2024-11-21 | 6.4 MEDIUM | N/A |
| The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 expands leading ~ (tilde) characters to home-directory pathnames but does not restrict use of these characters in strings received from the network, which might allow remote attackers to conduct absolute path traversal attacks and overwrite arbitrary files via a ~ in a pathname that is used for a file transfer in an Internet game, a different vulnerability than CVE-2011-1932. | |||||