Total
7811 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-10397 | 1 Para | 1 Antioch | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php. | |||||
| CVE-2014-10396 | 1 Organizedthemes | 1 Epic | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php. | |||||
| CVE-2014-10390 | 1 Wpsupportplus | 1 Wp Support Plus Responsive Ticket System | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal. | |||||
| CVE-2014-10073 | 2 Debian, Wpitchoune | 2 Debian Linux, Psensor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory. | |||||
| CVE-2014-10068 | 1 Hapi | 1 Inert | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false. | |||||
| CVE-2014-10066 | 1 Fancy-server Project | 1 Fancy-server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory. | |||||
| CVE-2013-7466 | 1 Simplemachines | 1 Simple Machines Forum | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in install.php via ../ directory traversal in the db_type parameter if install.php remains present after installation. | |||||
| CVE-2013-6785 | 1 Supermicro | 1 Intelligent Platform Management Interface | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to read arbitrary files via the url_name parameter. | |||||
| CVE-2013-6225 | 1 Livezilla | 1 Livezilla | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LiveZilla 5.0.1.4 has a Remote Code Execution vulnerability | |||||
| CVE-2013-6056 | 1 Alienvault | 1 Open Source Security Information Management | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability | |||||
| CVE-2013-4861 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. (dot dot) in the filename parameter. | |||||
| CVE-2013-4855 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-11-21 | 7.9 HIGH | 8.8 HIGH |
| D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. | |||||
| CVE-2013-4658 | 1 Linksys | 2 Ea6500, Ea6500 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. | |||||
| CVE-2013-4657 | 1 Netgear | 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service. | |||||
| CVE-2013-4656 | 1 Asus | 4 Rt-ac66u, Rt-ac66u Firmware, Rt-n56u and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service. | |||||
| CVE-2013-4654 | 1 Tp-link | 4 Tl-1043nd, Tl-1043nd Firmware, Tl-wdr4300 and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND.. | |||||
| CVE-2013-3311 | 1 Loftek | 2 Nexus 543, Nexus 543 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a .. (dot dot) in the URL of an HTTP GET request. | |||||
| CVE-2013-3073 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34. | |||||
| CVE-2013-3001 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. IBM X-Force ID: 84127. | |||||
| CVE-2013-2565 | 1 Mambo-foundation | 1 Mambo Cms | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver. | |||||