(dot dot) in the URL of an HTTP GET request.ĭirectory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname.ĭirectory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via '.' sequences in the $error_log variable.ĭirectory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a. (dot dot) in the mode parameter.ĭirectory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a. \ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.ĭirectory traversal vulnerability in index.php in Symphony CMS 2.0.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a. ĭirectory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a. Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.ĭirectory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory structure" action, related to fr-archive. (dot dot) in (1) the page parameter to shared/help.php or (2) the tab parameter to shared/header.php. Multiple directory traversal vulnerabilities in OpenBiblio before 0.5.2 allow remote attackers to include and execute arbitrary local files via a. An attacker may be able to use a simple GET request to perform a directory traversal into system files. (dot dot) in the log parameter in a stats action.Ī Directory Traversal issue was discovered in SpiderControl SCADA Web Server.
(dot dot) in an HTTP GET request.ĭirectory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to list directory contents via a. (dot dot) in the SHOW parameter.ĭirectory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a. jpg file upload in contus-video-comments v1.0 wordpress pluginĭirectory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a.
0 kommentar(er)
