Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-3357

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-21 Sep, 2011 | 16:00
Updated At-06 Aug, 2024 | 23:29
Rejected At-
Credits

Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:21 Sep, 2011 | 16:00
Updated At:06 Aug, 2024 | 23:29
Rejected At:
â–¼CVE Numbering Authority (CNA)

Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://securityreason.com/securityalert/8392
third-party-advisory
x_refsource_SREASON
https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f
x_refsource_CONFIRM
http://www.debian.org/security/2011/dsa-2308
vendor-advisory
x_refsource_DEBIAN
http://www.openwall.com/lists/oss-security/2011/09/04/1
mailing-list
x_refsource_MLIST
http://security.gentoo.org/glsa/glsa-201211-01.xml
vendor-advisory
x_refsource_GENTOO
https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2011/09/04/2
mailing-list
x_refsource_MLIST
http://secunia.com/advisories/45961
third-party-advisory
x_refsource_SECUNIA
https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d
x_refsource_CONFIRM
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=735514
x_refsource_CONFIRM
http://www.securityfocus.com/bid/49448
vdb-entry
x_refsource_BID
http://www.mantisbt.org/bugs/view.php?id=13281
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/69588
vdb-entry
x_refsource_XF
http://secunia.com/advisories/51199
third-party-advisory
x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2011/09/09/9
mailing-list
x_refsource_MLIST
http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html
mailing-list
x_refsource_MLIST
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html
vendor-advisory
x_refsource_FEDORA
http://www.securityfocus.com/archive/1/519547/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://securityreason.com/securityalert/8392
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.debian.org/security/2011/dsa-2308
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/04/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://security.gentoo.org/glsa/glsa-201211-01.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html
Resource:
x_refsource_MISC
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/04/2
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://secunia.com/advisories/45961
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d
Resource:
x_refsource_CONFIRM
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=735514
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/49448
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.mantisbt.org/bugs/view.php?id=13281
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/69588
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/51199
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/09/9
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.securityfocus.com/archive/1/519547/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://securityreason.com/securityalert/8392
third-party-advisory
x_refsource_SREASON
x_transferred
https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f
x_refsource_CONFIRM
x_transferred
http://www.debian.org/security/2011/dsa-2308
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.openwall.com/lists/oss-security/2011/09/04/1
mailing-list
x_refsource_MLIST
x_transferred
http://security.gentoo.org/glsa/glsa-201211-01.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html
x_refsource_MISC
x_transferred
http://www.openwall.com/lists/oss-security/2011/09/04/2
mailing-list
x_refsource_MLIST
x_transferred
http://secunia.com/advisories/45961
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d
x_refsource_CONFIRM
x_transferred
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297
x_refsource_CONFIRM
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=735514
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/49448
vdb-entry
x_refsource_BID
x_transferred
http://www.mantisbt.org/bugs/view.php?id=13281
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/69588
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/51199
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.openwall.com/lists/oss-security/2011/09/09/9
mailing-list
x_refsource_MLIST
x_transferred
http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html
mailing-list
x_refsource_MLIST
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.securityfocus.com/archive/1/519547/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://securityreason.com/securityalert/8392
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.debian.org/security/2011/dsa-2308
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/04/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201211-01.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/04/2
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://secunia.com/advisories/45961
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=735514
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/49448
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.mantisbt.org/bugs/view.php?id=13281
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/69588
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/51199
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/09/9
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/519547/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:21 Sep, 2011 | 16:55
Updated At:29 Apr, 2026 | 01:13

Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>Versions up to 1.2.7(inclusive)
cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>0.19.3
cpe:2.3:a:mantisbt:mantisbt:0.19.3:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>0.19.4
cpe:2.3:a:mantisbt:mantisbt:0.19.4:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.0
cpe:2.3:a:mantisbt:mantisbt:1.0.0:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.1
cpe:2.3:a:mantisbt:mantisbt:1.0.1:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.2
cpe:2.3:a:mantisbt:mantisbt:1.0.2:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.3
cpe:2.3:a:mantisbt:mantisbt:1.0.3:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.4
cpe:2.3:a:mantisbt:mantisbt:1.0.4:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.5
cpe:2.3:a:mantisbt:mantisbt:1.0.5:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.6
cpe:2.3:a:mantisbt:mantisbt:1.0.6:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.7
cpe:2.3:a:mantisbt:mantisbt:1.0.7:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.0.8
cpe:2.3:a:mantisbt:mantisbt:1.0.8:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.1.0
cpe:2.3:a:mantisbt:mantisbt:1.1.0:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.1.1
cpe:2.3:a:mantisbt:mantisbt:1.1.1:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.1.2
cpe:2.3:a:mantisbt:mantisbt:1.1.2:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.1.4
cpe:2.3:a:mantisbt:mantisbt:1.1.4:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.1.5
cpe:2.3:a:mantisbt:mantisbt:1.1.5:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.1.6
cpe:2.3:a:mantisbt:mantisbt:1.1.6:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.1.7
cpe:2.3:a:mantisbt:mantisbt:1.1.7:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.1.8
cpe:2.3:a:mantisbt:mantisbt:1.1.8:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.2.0
cpe:2.3:a:mantisbt:mantisbt:1.2.0:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.2.1
cpe:2.3:a:mantisbt:mantisbt:1.2.1:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.2.2
cpe:2.3:a:mantisbt:mantisbt:1.2.2:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.2.3
cpe:2.3:a:mantisbt:mantisbt:1.2.3:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.2.4
cpe:2.3:a:mantisbt:mantisbt:1.2.4:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.2.5
cpe:2.3:a:mantisbt:mantisbt:1.2.5:*:*:*:*:*:*:*
Mantis Bug Tracker (MantisBT)
mantisbt
>>mantisbt>>1.2.6
cpe:2.3:a:mantisbt:mantisbt:1.2.6:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Primarynvd@nist.gov
CWE ID: CWE-22
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297secalert@redhat.com
Exploit
Patch
http://lists.debian.org/debian-security-tracker/2011/09/msg00012.htmlsecalert@redhat.com
Exploit
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.htmlsecalert@redhat.com
Exploit
http://secunia.com/advisories/45961secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/51199secalert@redhat.com
N/A
http://security.gentoo.org/glsa/glsa-201211-01.xmlsecalert@redhat.com
N/A
http://securityreason.com/securityalert/8392secalert@redhat.com
N/A
http://www.debian.org/security/2011/dsa-2308secalert@redhat.com
N/A
http://www.mantisbt.org/bugs/view.php?id=13281secalert@redhat.com
Exploit
http://www.openwall.com/lists/oss-security/2011/09/04/1secalert@redhat.com
Exploit
http://www.openwall.com/lists/oss-security/2011/09/04/2secalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2011/09/09/9secalert@redhat.com
Exploit
http://www.securityfocus.com/archive/1/519547/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/49448secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=735514secalert@redhat.com
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/69588secalert@redhat.com
N/A
https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273dsecalert@redhat.com
Patch
https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0fsecalert@redhat.com
Patch
https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.htmlsecalert@redhat.com
Exploit
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
http://lists.debian.org/debian-security-tracker/2011/09/msg00012.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://secunia.com/advisories/45961af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/51199af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-201211-01.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://securityreason.com/securityalert/8392af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2011/dsa-2308af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mantisbt.org/bugs/view.php?id=13281af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.openwall.com/lists/oss-security/2011/09/04/1af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.openwall.com/lists/oss-security/2011/09/04/2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2011/09/09/9af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.securityfocus.com/archive/1/519547/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/49448af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=735514af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/69588af854a3a-2127-422b-91ae-364da2661108
N/A
https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273daf854a3a-2127-422b-91ae-364da2661108
Patch
https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0faf854a3a-2127-422b-91ae-364da2661108
Patch
https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297
Source: secalert@redhat.com
Resource:
Exploit
Patch
Hyperlink: http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html
Source: secalert@redhat.com
Resource:
Exploit
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html
Source: secalert@redhat.com
Resource:
Exploit
Hyperlink: http://secunia.com/advisories/45961
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/51199
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201211-01.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/8392
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2011/dsa-2308
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mantisbt.org/bugs/view.php?id=13281
Source: secalert@redhat.com
Resource:
Exploit
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/04/1
Source: secalert@redhat.com
Resource:
Exploit
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/04/2
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/09/9
Source: secalert@redhat.com
Resource:
Exploit
Hyperlink: http://www.securityfocus.com/archive/1/519547/100/0/threaded
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/49448
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=735514
Source: secalert@redhat.com
Resource:
Exploit
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/69588
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html
Source: secalert@redhat.com
Resource:
Exploit
Hyperlink: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://secunia.com/advisories/45961
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/51199
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201211-01.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/8392
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2011/dsa-2308
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mantisbt.org/bugs/view.php?id=13281
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/04/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/04/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2011/09/09/9
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.securityfocus.com/archive/1/519547/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/49448
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=735514
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/69588
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit

Change History

0
Information is not available yet

Similar CVEs

319Records found
CVE-2011-0903
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.14% / 84.33%
||
7 Day CHG~0.00%
Published-07 Feb, 2011 | 20:19
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in AR Web Content Manager (AWCM) 2.2 allow remote attackers to read arbitrary files and possibly have other unspecified impact via a .. (dot dot) in the (1) awcm_theme or (2) awcm_lang cookie to (a) index.php or (b) header.php.

Action-Not Available
Vendor-awcm-cmsn/a
Product-ar_web_content_managern/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2011-0405
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-9.89% / 93.05%
||
7 Day CHG~0.00%
Published-11 Jan, 2011 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the pgvaction parameter.

Action-Not Available
Vendor-phpgedviewn/a
Product-phpgedviewn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-6110
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8||HIGH
EPSS-1.10% / 78.16%
||
7 Day CHG~0.00%
Published-08 Jun, 2020 | 13:22
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution. An attacker needs to send a specially crafted message to a target user or a group to trigger this vulnerability. For the most severe effect, target user interaction is required.

Action-Not Available
Vendor-n/aZoom Communications, Inc.
Product-zoomZoom
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-4406
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.75% / 82.71%
||
7 Day CHG~0.00%
Published-04 Dec, 2010 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter.

Action-Not Available
Vendor-brunettonn/a
Product-littlephpgalleryn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-5281
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-4.89% / 89.65%
||
7 Day CHG~0.00%
Published-26 Nov, 2012 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-net4visionsn/a
Product-ibrowsern/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2018-20250
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-7.8||HIGH
EPSS-93.46% / 99.83%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 20:00
Updated-31 Oct, 2025 | 22:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-08-15||Apply updates per vendor instructions.

In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.

Action-Not Available
Vendor-RARLAB (WinRAR)Check Point Software Technologies Ltd.
Product-winrarWinRARWinRAR
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-36
Absolute Path Traversal
CVE-2016-4313
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-3.22% / 87.13%
||
7 Day CHG~0.00%
Published-24 Apr, 2017 | 18:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.

Action-Not Available
Vendor-extplorern/a
Product-extplorern/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-3480
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-5.12% / 89.91%
||
7 Day CHG~0.00%
Published-22 Sep, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.

Action-Not Available
Vendor-apphpn/a
Product-php_microcmsn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-3910
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.74% / 82.62%
||
7 Day CHG~0.00%
Published-26 Nov, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in the return_application_language function in include/utils/utils.php in vtiger CRM before 5.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang_crm parameter to phprint.php or (2) the current_language parameter in an Accounts Import action to graph.php.

Action-Not Available
Vendor-vtigern/a
Product-vtiger_crmn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-4330
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-7.27% / 91.69%
||
7 Day CHG~0.00%
Published-07 Dec, 2010 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to index.php.

Action-Not Available
Vendor-pulsecmsn/a
Product-pulse_cmsn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-3606
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.17% / 37.34%
||
7 Day CHG~0.00%
Published-24 Sep, 2010 | 19:44
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters.

Action-Not Available
Vendor-netartmedian/a
Product-real_estate_portaln/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2507
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.92% / 83.50%
||
7 Day CHG~0.00%
Published-28 Jun, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-masselinkn/aJoomla!
Product-joomla\!com_picasa2galleryn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2680
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.01% / 83.85%
||
7 Day CHG~0.00%
Published-09 Jul, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.

Action-Not Available
Vendor-harmistechnologyn/aJoomla!
Product-joomla\!com_jesectionfindern/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2456
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.08% / 84.11%
||
7 Day CHG~0.00%
Published-25 Jun, 2010 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.

Action-Not Available
Vendor-codelibn/a
Product-linker_imgn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2313
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-5.26% / 90.05%
||
7 Day CHG~0.00%
Published-17 Jun, 2010 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS) 2.6.10, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to index.php. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-anodyne-productionsn/a
Product-simm_management_systemn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2786
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.51% / 66.36%
||
7 Day CHG~0.00%
Published-02 Aug, 2010 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in Piwik 0.6 through 0.6.3 allows remote attackers to include arbitrary local files and possibly have unspecified other impact via directory traversal sequences in a crafted data-renderer request.

Action-Not Available
Vendor-matomon/a
Product-matomon/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2920
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-3.57% / 87.80%
||
7 Day CHG~0.00%
Published-30 Jul, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.

Action-Not Available
Vendor-fooblan/aJoomla!
Product-joomla\!com_foobla_suggestionsn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2857
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.01% / 83.85%
||
7 Day CHG~0.00%
Published-23 Jul, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the cid parameter to album.html.

Action-Not Available
Vendor-danieljamesscottn/a
Product-com_musicn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1478
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.31% / 84.89%
||
7 Day CHG~0.00%
Published-19 Apr, 2010 | 19:04
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-ternarian/aJoomla!
Product-joomla\!com_jfeedbackn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1474
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.98% / 76.92%
||
7 Day CHG~0.00%
Published-19 Apr, 2010 | 19:04
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-supachai_teasakuln/aJoomla!
Product-joomla\!com_sweetykeepern/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1219
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-3.28% / 87.27%
||
7 Day CHG~0.00%
Published-30 Mar, 2010 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-com_janewsn/aJoomla!
Product-com_janewsjoomlan/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1679
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.79% / 74.02%
||
7 Day CHG~0.00%
Published-11 Jan, 2011 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-dpkgn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1469
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.90% / 86.42%
||
7 Day CHG~0.00%
Published-19 Apr, 2010 | 19:04
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-ternarian/aJoomla!
Product-com_jprojectmanagerjoomla\!n/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1999
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.89% / 83.32%
||
7 Day CHG~0.00%
Published-20 May, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069.

Action-Not Available
Vendor-openmairien/a
Product-opencataloguen/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2138
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.11% / 78.27%
||
7 Day CHG~0.00%
Published-02 Jun, 2010 | 18:14
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earlier allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SESSION[userLang] parameter to (1) elisttasks.php, (2) managepmanagers.php, (3) manageusers.php, (4) helpfunc.php, (5) managegroups.php, (6) manageprocess.php, and (7) manageusersgroups.php.

Action-Not Available
Vendor-giaardn/a
Product-promann/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-2129
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-3.65% / 87.93%
||
7 Day CHG~0.00%
Published-01 Jun, 2010 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.1 and 1.0.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-harmistechnologyn/aJoomla!
Product-com_jeajaxeventcalendarjoomla\!n/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1607
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.05% / 84.02%
||
7 Day CHG~0.00%
Published-29 Apr, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-paysyspron/aJoomla!
Product-joomla\!com_wmin/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1979
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.06% / 84.04%
||
7 Day CHG~0.00%
Published-19 May, 2010 | 19:31
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-affiliatefeedsn/aJoomla!
Product-joomla\!com_datafeedsn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1268
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-3.84% / 88.26%
||
7 Day CHG~0.00%
Published-06 Apr, 2010 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-fh54n/a
Product-justvisualn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1723
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.81% / 86.22%
||
7 Day CHG~0.00%
Published-04 May, 2010 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-joomlacomponent.inetlankan/aJoomla!
Product-joomla\!com_drawrootn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1948
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.78% / 82.86%
||
7 Day CHG~0.00%
Published-18 May, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in scr/soustab.php in openMairie Openfoncier 2.00, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069.

Action-Not Available
Vendor-openmairien/a
Product-openfonciern/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1473
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.70% / 85.98%
||
7 Day CHG~0.00%
Published-19 Apr, 2010 | 19:04
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-johnmccollumn/aJoomla!
Product-com_advertisingjoomla\!n/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1715
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.05% / 84.02%
||
7 Day CHG~0.00%
Published-04 May, 2010 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-pucit.edun/aJoomla!
Product-com_onlineexamjoomla\!n/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1928
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.75% / 82.68%
||
7 Day CHG~0.00%
Published-12 May, 2010 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in scr/soustab.php in openMairie openPlanning 1.00, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069.

Action-Not Available
Vendor-openmairien/a
Product-openplanningn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1057
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-4.62% / 89.34%
||
7 Day CHG~0.00%
Published-23 Mar, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a ..// (dot dot slash slash) in the LANG_CODE parameter to common.inc.php in (1) codelib/cfg/, (2) codelib/sys/, (3) staff/, and (4) staff/app/; and (5) staff/file.php. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-phpkobon/a
Product-adfreelyn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-0953
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.80% / 82.91%
||
7 Day CHG+0.47%
Published-09 Mar, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.

Action-Not Available
Vendor-phpcoinn/a
Product-phpcoinn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-0403
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.66% / 71.19%
||
7 Day CHG~0.00%
Published-18 May, 2010 | 15:29
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.

Action-Not Available
Vendor-phpgroupwaren/a
Product-phpgroupwaren/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-0760
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.05% / 77.62%
||
7 Day CHG~0.00%
Published-27 Feb, 2010 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Action-Not Available
Vendor-greatjoomlan/aJoomla!
Product-joomla\!scriptegrator_pluginn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-0957
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.16% / 36.63%
||
7 Day CHG~0.00%
Published-09 Mar, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter.

Action-Not Available
Vendor-saskia_brucknern/a
Product-saskias_shopsystemn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1056
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-4.00% / 88.49%
||
7 Day CHG~0.00%
Published-23 Mar, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.

Action-Not Available
Vendor-rocketthemen/aJoomla!
Product-joomla\!com_rokdownloadsn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1060
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.92% / 83.47%
||
7 Day CHG~0.00%
Published-23 Mar, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter.

Action-Not Available
Vendor-phpkobon/a
Product-short_urln/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.92% / 83.47%
||
7 Day CHG~0.00%
Published-23 Mar, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG_CODE parameter. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-phpkobon/a
Product-free_real_estate_contact_form_scriptn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1077
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.35% / 80.25%
||
7 Day CHG~0.00%
Published-23 Mar, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter.

Action-Not Available
Vendor-vbulletinvbseon/a
Product-vbseovbulletinn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-1059
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.14% / 34.29%
||
7 Day CHG~0.00%
Published-23 Mar, 2010 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Action-Not Available
Vendor-phpkobon/a
Product-address_book_scriptn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-0958
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.92% / 83.47%
||
7 Day CHG~0.00%
Published-09 Mar, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-thomas_perezn/a
Product-tribisurn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2009-4986
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.24% / 79.40%
||
7 Day CHG~0.00%
Published-25 Aug, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in index.php in In-Portal 4.3.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the env parameter.

Action-Not Available
Vendor-in-portaln/a
Product-in-portaln/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2009-4426
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-4.75% / 89.50%
||
7 Day CHG~0.00%
Published-28 Dec, 2009 | 18:27
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php.

Action-Not Available
Vendor-launchpadn/a
Product-ignitionn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2009-4946
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.16% / 36.54%
||
7 Day CHG~0.00%
Published-22 Jul, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Messaging (com_messaging) component before 1.5.1 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter in a messages action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Action-Not Available
Vendor-thetrickyn/aJoomla!
Product-joomla\!com_messagingn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2010-0012
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.30% / 53.02%
||
7 Day CHG~0.00%
Published-08 Jan, 2010 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file.

Action-Not Available
Vendor-transmissionbtn/aDebian GNU/LinuxopenSUSE
Product-debian_linuxtransmissionopensusen/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2009-4435
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.85% / 83.15%
||
7 Day CHG~0.00%
Published-28 Dec, 2009 | 18:27
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple directory traversal vulnerabilities in F3Site 2009 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php.

Action-Not Available
Vendor-compmaster.prv.pln/a
Product-f3siten/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found