Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands.
Max CVSS
9.0
EPSS Score
1.01%
Published
2011-12-14
Updated
2020-07-28
Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.
Max CVSS
10.0
EPSS Score
3.31%
Published
2011-09-16
Updated
2012-02-14

CVE-2011-2653

Public exploit
Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file.
Max CVSS
10.0
EPSS Score
95.09%
Published
2011-12-08
Updated
2012-03-05

CVE-2011-1900

Public exploit
Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to execute arbitrary code via an invalid request.
Max CVSS
10.0
EPSS Score
0.65%
Published
2011-05-04
Updated
2011-05-31
Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.
Max CVSS
8.5
EPSS Score
5.08%
Published
2011-05-07
Updated
2018-10-09

CVE-2011-1566

Public exploit
Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397.
Max CVSS
10.0
EPSS Score
86.93%
Published
2011-04-05
Updated
2012-05-12

CVE-2011-1565

Public exploit
Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401.
Max CVSS
10.0
EPSS Score
43.44%
Published
2011-04-05
Updated
2011-09-22
Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party
Max CVSS
10.0
EPSS Score
3.26%
Published
2011-10-09
Updated
2024-03-21
Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allows remote attackers to overwrite files, and subsequently execute arbitrary code, via directory traversal sequences in a filename field in an upload request.
Max CVSS
10.0
EPSS Score
90.32%
Published
2011-04-18
Updated
2018-10-10
Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or unspecified other (3) JAR or (4) ZIP files.
Max CVSS
9.3
EPSS Score
0.58%
Published
2011-01-28
Updated
2022-02-07
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!