CVE Daily
← All tags

Tag: Path Traversal

All CVEs associated with "Path Traversal". Page 71/72 • 8590 CVEs.

Subscribe CVEs: RSS for “Path Traversal”  ·  RSS (High+Critical only)

About “Path Traversal”

A curated feed of “Path Traversal”-related CVEs appears below. We currently track 8590 CVEs for this tag (all time). In the last 365 days, 1472 were published. Average CVSS is 6.8 (all time; 6.9 over 365d), and 49% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), CWE-23 - Relative Path Traversal, CWE-35 - Path Traversal: '.../...//'.

In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2002-08-12
Medium

CVE-2002-0418

Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot)…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0464

Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor…

CVSS: 6.4 CWE: N/A View on NVD
Critical

CVE-2002-0465

Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files, and execute commands, via a .. (dot dot) in t…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2002-0482

Directory traversal vulnerability in PCI Netsupport Manager before version 7, when running web extensions, allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0503

Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0531

Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x and 5.1.0 allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in the type parameter.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-0661

Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) sequences containing…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-0710

Directory traversal vulnerability in sendform.cgi 1.44 and earlier allows remote attackers to read arbitrary files by specifying the desired files in the BlurbFilePath parameter.

CVSS: 6.4 CWE: N/A View on NVD
Medium

CVE-2002-0772

Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.

CVSS: 6.4 CWE: N/A View on NVD
Medium

CVE-2002-0784

Directory traversal vulnerability in Lysias Lidik web server 0.7b allows remote attackers to list directories via an HTTP request with a ... (modified dot dot).

CVSS: 5.0 CWE: N/A View on NVD
2002-07-26
Medium

CVE-2002-0441

Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0447

Directory traversal vulnerability in Xerver Free Web Server 2.10 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in an HTTP GET request.

CVSS: 5.0 CWE: N/A View on NVD
2002-07-23
Medium

CVE-2002-0680

Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely th…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-0683

Directory traversal vulnerability in Carello 1.3 allows remote attackers to execute programs on the server via a .. (dot dot) in the VBEXE parameter.

CVSS: 7.5 CWE: N/A View on NVD
2002-07-03
Medium

CVE-2002-0543

Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0556

Directory traversal vulnerability in Quik-Serv HTTP server 1.1B allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0558

Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending…

CVSS: 5.0 CWE: N/A View on NVD
2002-06-25
Medium

CVE-2001-1300

Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD) command.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0312

Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0325

Directory traversal vulnerability in BadBlue before 1.6.1 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the URL.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0331

Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0333

Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0347

Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.

CVSS: 5.0 CWE: N/A View on NVD
2002-06-18
Medium

CVE-2002-0591

Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag wi…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0611

Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filter…

CVSS: 5.0 CWE: N/A View on NVD
2002-05-31
High

CVE-2002-0278

Directory traversal vulnerability in Add2it Mailman Free 1.73 and earlier allows remote attackers to modify arbitrary files via a .. (dot dot) in the list parameter.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-0288

Directory traversal vulnerability in Phusion web server 1.0 allows remote attackers to read arbitrary files via a ... (triple dot dot) in the HTTP request.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-0307

Directory traversal vulnerability in ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the sy…

CVSS: 7.5 CWE: N/A View on NVD
2002-05-29
Medium

CVE-2002-0232

Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14a…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-0233

Directory traversal vulnerability in eshare Expressions 4 Web server allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-0244

Directory traversal vulnerability in chroot function in AtheOS 0.3.7 allows attackers to escape the jail via a .. (dot dot) in the pathname argument to chdir.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0261

Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-0262

Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

CVSS: 5.0 CWE: N/A View on NVD
2002-03-25
High

CVE-2002-0111

Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-0124

MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-0144

Directory traversal vulnerability in chuid 1.2 and earlier allows remote attackers to change the ownership of files outside of the upload directory via a .. (dot dot) attack.

CVSS: 7.5 CWE: N/A View on NVD
2002-03-22
Medium

CVE-2000-1210

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.

CVSS: 5.0 CWE: N/A View on NVD
2002-01-09
Medium

CVE-2002-1600

Directory traversal vulnerability in Mike Spice's My Classifieds (classifieds.cgi) before 1.3 allows remote attackers to overwrite arbitrary files via the category parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-12-31
Medium

CVE-2001-1209

Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-1525

Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-1544

Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-1580

Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.

CVSS: 5.0 CWE: N/A View on NVD
2001-12-30
Medium

CVE-2001-1205

Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via '..' sequences in the $error_log variable.

CVSS: 5.0 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
2001-12-29
High

CVE-2001-1432

Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

CVSS: 7.8 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
2001-12-28
Medium

CVE-2001-1204

Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-12-21
High

CVE-2001-0871

Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-1217

Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) seq…

CVSS: 5.0 CWE: N/A View on NVD
2001-12-17
Critical

CVE-2001-1196

Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument.

CVSS: 10.0 CWE: N/A View on NVD
2001-12-13
Medium

CVE-2001-1193

Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.

CVSS: 5.0 CWE: N/A View on NVD
2001-12-06
Medium

CVE-2001-0804

Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0805

Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2001-0841

Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cooki…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0842

Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amemberna…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-0853

Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat.

CVSS: 5.0 CWE: N/A View on NVD
2001-11-30
Medium

CVE-2001-0938

Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Fi…

CVSS: 6.4 CWE: N/A View on NVD
2001-11-28
High

CVE-2001-0931

Directory traversal vulnerability in Cooolsoft PowerFTP Server 2.03 allows attackers to list or read arbitrary files and directories via a .. (dot dot) in (1) LS or (2) GET.

CVSS: 7.5 CWE: N/A View on NVD
2001-11-22
Medium

CVE-2001-0924

Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-11-18
Medium

CVE-2001-0900

Directory traversal vulnerability in modules.php in Gallery before 1.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the include parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-10-22
High

CVE-2001-1461

Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1…

CVSS: 7.5 CWE: N/A View on NVD
2001-10-18
High

CVE-2001-0758

Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-0767

Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0780

Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.

CVSS: 5.0 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
Medium

CVE-2001-0784

Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0785

Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack.

CVSS: 5.0 CWE: N/A View on NVD
2001-10-15
Medium

CVE-2001-1458

Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences…

CVSS: 5.0 CWE: N/A View on NVD
2001-10-12
Medium

CVE-2001-1285

Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-09-27
Medium

CVE-2001-1031

Directory traversal vulnerability in Meteor FTP 1.0 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the ls/LIST command, or (2) a ... in the cd/CWD command.

CVSS: 5.0 CWE: N/A View on NVD
2001-09-20
Low

CVE-2001-0642

Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in t…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2001-0648

Directory traversal vulnerability in PHProjekt 2.1 and earlier allows a remote attacker to conduct unauthorized activities via a dot dot (..) attack on the file module.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0674

Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0676

Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f and earlier allows a remote attacker to create arbitrary files via a "dot dot" attack in the filename for an attachment.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0680

Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST (ls) command.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2001-0694

Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-0698

Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0705

Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template a…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2001-0963

Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command.

CVSS: 7.5 CWE: N/A View on NVD
2001-09-12
High

CVE-2001-1109

Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.

CVSS: 7.5 CWE: N/A View on NVD
2001-09-08
Medium

CVE-2001-1019

Directory traversal vulnerability in view_item CGI program in sglMerchant 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTML_FILE parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-09-07
High

CVE-2001-1138

Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) i…

CVSS: 7.5 CWE: N/A View on NVD
2001-08-31
Critical

CVE-2001-0966

Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2001-0971

Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request.

CVSS: 5.0 CWE: N/A View on NVD
2001-08-29
Medium

CVE-2001-1168

Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-08-22
Medium

CVE-2001-0571

Directory traversal vulnerability in the web server for (1) Elron Internet Manager (IM) Message Inspector and (2) Anti-Virus before 3.0.4 allows remote attackers to read arbitrary files via a .. (dot…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2001-0591

Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-0630

Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the 'loc' variable.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0633

Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebr…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-1139

Directory traversal vulnerability in ASCII NT WinWrapper Professional allows remote attackers to read arbitrary files via a .. (dot dot) in the server request.

CVSS: 5.0 CWE: N/A View on NVD
2001-08-21
Medium

CVE-2001-1131

Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-1295

Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command.

CVSS: 5.0 CWE: N/A View on NVD
2001-08-14
High

CVE-2001-0523

eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacke…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0561

Directory traversal vulnerability in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1dis…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-0574

Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a '..' (dot dot) in the URL.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0615

Directory traversal vulnerability in Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to read arbitrary files via a specially crafted URL which includes variations of…

CVSS: 5.0 CWE: N/A View on NVD
2001-07-26
High

CVE-2001-1108

Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a .. (dot dot) attack in the requested URL.

CVSS: 7.5 CWE: N/A View on NVD
2001-07-23
Medium

CVE-2001-0982

Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing…

CVSS: 5.0 CWE: N/A View on NVD
2001-07-22
Medium

CVE-2001-1010

Directory traversal vulnerability in pagecount CGI script in Sambar Server before 5.0 beta 5 allows remote attackers to overwrite arbitrary files via a .. (dot dot) attack on the page parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-07-20
High

CVE-2001-1265

Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack.

CVSS: 7.5 CWE: N/A View on NVD
2001-07-17
High

CVE-2001-1242

Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form.

CVSS: 7.5 CWE: N/A View on NVD
2001-07-13
Medium

CVE-2001-1082

Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack.

CVSS: 5.0 CWE: N/A View on NVD
2001-07-12
Low

CVE-2001-1267

Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2001-1268

Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2001-1270

Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows attackers to overwrite arbitrary files during archive extraction with the -rec (recursive) option vi…

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2001-1271

Directory traversal vulnerability in rar 2.02 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) attack on archived filenames.

CVSS: 2.1 CWE: N/A View on NVD
2001-07-11
Medium

CVE-2001-1144

Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.

CVSS: 5.0 CWE: N/A View on NVD
2001-07-06
Medium

CVE-2001-1045

Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-07-05
Medium

CVE-2001-1408

Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the mailbox parameter.

CVSS: 5.0 CWE: N/A View on NVD
2001-07-03
Medium

CVE-2001-1266

Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote attackers to view arbitrary files via a .. (dot dot) attack using the dot hex code '%2E'.

CVSS: 5.0 CWE: N/A View on NVD
2001-06-27
High

CVE-2001-0333

Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-0360

Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0368

Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0407

Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2001-0450

Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the f…

CVSS: 6.4 CWE: N/A View on NVD
Medium

CVE-2001-0453

Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0454

Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0462

Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0463

Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-0467

Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2001-0478

Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0479

Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-0480

Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands.

CVSS: 5.0 CWE: N/A View on NVD