CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2002(Directory Traversal)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2002-2416 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request.
2 CVE-2002-2403 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences.
3 CVE-2002-2399 22 Dir. Trav. 2002-12-31 2008-09-05
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
4 CVE-2002-2387 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command.
5 CVE-2002-2375 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information.
6 CVE-2002-2351 22 Exec Code Dir. Trav. Bypass 2002-12-31 2008-09-05
6.4
None Remote Low Not required Partial Partial None
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
7 CVE-2002-2292 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Remote Console Applet in Halycon Software iASP 1.0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request to port 9095.
8 CVE-2002-2269 22 Dir. Trav. 2002-12-31 2008-09-05
9.4
None Remote Low Not required Complete Complete None
Directory traversal vulnerability in Webster HTTP Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
9 CVE-2002-2256 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to read arbitrary files via Unicode characters.
10 CVE-2002-2240 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request.
11 CVE-2002-2238 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in the Kunani ODBC FTP Server 1.0.10 allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in a GET request.
12 CVE-2002-2233 22 DoS Dir. Trav. 2002-12-31 2008-09-05
8.3
None Remote Medium Not required Partial Partial Complete
Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbitrary directories and possibly cause a denial of service via "@" (at) characters in a CD (CWD) command, such as (1) "@/....\", (2) "@@@/..c:\", or (3) "@/..@/..".
13 CVE-2002-2229 22 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in Sapio Design Ltd. WebReflex 1.53 allows remote attackers to read arbitrary files via a .. in an HTTP request.
14 CVE-2002-2167 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences terminated by a null character in the $designNo variable, which is part of an "include" function call.
15 CVE-2002-2154 22 Dir. Trav. 2002-12-31 2012-10-24
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
16 CVE-2002-2144 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters.
17 CVE-2002-2131 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows remote attackers to view arbitrary files via a .. (dot dot) in an unknown argument.
18 CVE-2002-2085 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request.
19 CVE-2002-2084 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters.
20 CVE-2002-2076 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.
21 CVE-2002-2050 Dir. Trav. 2002-12-31 2008-09-05
2.1
None Local Low Not required None Partial None
Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.
22 CVE-2002-1987 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot).
23 CVE-2002-1982 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not.
24 CVE-2002-1966 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
25 CVE-2002-1926 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in source.php in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP query string.
26 CVE-2002-1864 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request.
27 CVE-2002-1819 Dir. Trav. 2002-12-31 2008-09-05
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in TinyHTTPD 0.1 .0 allows remote attackers to read or execute arbitrary files via a ".." (dot dot) in the URL.
28 CVE-2002-1815 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
29 CVE-2002-1813 Dir. Trav. 2002-12-31 2008-09-05
2.6
None Remote High Not required None Partial None
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link.
30 CVE-2002-1761 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
31 CVE-2002-1744 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).
32 CVE-2002-1741 Dir. Trav. 2002-12-31 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." (dot dot) in the Attachments parameter.
33 CVE-2002-1684 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents.
34 CVE-2002-1628 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the type parameter.
35 CVE-2002-1627 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! before 0.6 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the quiz parameter.
36 CVE-2002-1626 Dir. Trav. 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in Mike Spice My Calendar before 1.5 allows remote attackers to write arbitrary files via .. (dot dot) sequences in a URL.
37 CVE-2002-1600 Dir. Trav. 2002-01-09 2008-09-10
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in Mike Spice's My Classifieds (classifieds.cgi) before 1.3 allows remote attackers to overwrite arbitrary files via the category parameter.
38 CVE-2002-1354 Dir. Trav. 2002-12-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows local users to list the contents of arbitrary directories via a ... (dot dot dot) in the cd/CWD command.
39 CVE-2002-1345 Dir. Trav. 2002-12-23 2008-09-10
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
40 CVE-2002-1344 Dir. Trav. 2002-12-18 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
41 CVE-2002-1296 Exec Code Dir. Trav. 2002-12-23 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
42 CVE-2002-1224 Dir. Trav. 2002-10-28 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
43 CVE-2002-1213 Dir. Trav. 2002-10-28 2008-09-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to read arbitrary files via an HTTP request with ".." (dot-dot) sequences containing URL-encoded forward slash ("%2F") characters.
44 CVE-2002-1209 Dir. Trav. 2002-11-04 2008-09-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.
45 CVE-2002-1199 Dir. Trav. 2002-10-28 2008-09-10
5.0
None Remote Low Not required Partial None None
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
46 CVE-2002-1178 Exec Code Dir. Trav. 2002-10-11 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request to the cgi-bin directory.
47 CVE-2002-1133 Dir. Trav. 2002-10-04 2008-09-10
5.0
None Remote Low Not required Partial None None
Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "\" (%5c) characters.
48 CVE-2002-1083 Dir. Trav. 2002-10-04 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via .. (dot dot) sequences.
49 CVE-2002-1079 Dir. Trav. 2002-10-04 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request.
50 CVE-2002-1058 +Priv Dir. Trav. 2002-10-04 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. (dot dot) sequences in the sessionId cookie that point to an alternate session file.
Total number of vulnerabilities : 103   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.