Absolute path traversal vulnerability in DirPHP 1.0 allows remote attackers to read arbitrary files via a full pathname in the phpfile parameter to index.php.
Max CVSS
5.0
EPSS Score
5.33%
Published
2014-07-29
Updated
2014-08-27
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.
Max CVSS
5.0
EPSS Score
2.19%
Published
2014-07-28
Updated
2022-04-18
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
Max CVSS
5.0
EPSS Score
0.57%
Published
2014-07-11
Updated
2014-07-14
Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
Max CVSS
5.0
EPSS Score
3.21%
Published
2014-07-11
Updated
2014-07-14
Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Max CVSS
5.0
EPSS Score
0.82%
Published
2014-07-11
Updated
2014-07-14
Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface name.
Max CVSS
4.6
EPSS Score
1.00%
Published
2014-07-24
Updated
2017-08-29
Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php.
Max CVSS
5.0
EPSS Score
0.46%
Published
2014-07-02
Updated
2019-05-30
Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter.
Max CVSS
5.0
EPSS Score
0.48%
Published
2014-07-02
Updated
2019-05-30
Directory traversal vulnerability in Reportico PHP Report Designer before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the xmlin parameter.
Max CVSS
5.0
EPSS Score
0.34%
Published
2014-07-16
Updated
2014-07-16
Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote authenticated users to read arbitrary web-root files via a crafted URL, aka Bug ID CSCun25262.
Max CVSS
4.0
EPSS Score
0.12%
Published
2014-07-18
Updated
2015-12-03
Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.
Max CVSS
6.8
EPSS Score
0.18%
Published
2014-07-14
Updated
2017-08-29
Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318.
Max CVSS
4.0
EPSS Score
0.36%
Published
2014-07-10
Updated
2017-08-29
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.
Max CVSS
5.5
EPSS Score
0.23%
Published
2014-07-14
Updated
2017-08-29
Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.
Max CVSS
9.4
EPSS Score
89.87%
Published
2014-07-26
Updated
2017-01-07
Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input, aka ZDI-CAN-2023.
Max CVSS
8.5
EPSS Score
13.17%
Published
2014-07-26
Updated
2017-01-07
Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename.
Max CVSS
5.0
EPSS Score
0.36%
Published
2014-07-20
Updated
2015-08-05
Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in NetIQ Security Manager through 6.5.4 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3460.
Max CVSS
7.5
EPSS Score
1.41%
Published
2014-07-07
Updated
2021-04-13
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.
Max CVSS
6.8
EPSS Score
0.82%
Published
2014-07-29
Updated
2016-11-28
Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors.
Max CVSS
3.5
EPSS Score
0.11%
Published
2014-07-01
Updated
2017-08-29
Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_headers.php or (2) minify.php.
Max CVSS
5.0
EPSS Score
0.55%
Published
2014-07-31
Updated
2014-08-01
20 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!