Security Vulnerabilities, CVEs, Published In October 2011 (Directory traversal)
Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25.
Max CVSS
5.0
EPSS Score
0.58%
Published
2011-10-27
Updated
2019-07-10
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
Max CVSS
7.8
EPSS Score
72.02%
Published
2011-10-27
Updated
2014-02-27
CVE-2011-3305
Public exploit
Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.
Max CVSS
7.8
EPSS Score
1.50%
Published
2011-10-06
Updated
2017-08-29
Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL.
Max CVSS
6.8
EPSS Score
0.63%
Published
2011-10-14
Updated
2017-08-29
Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.
Max CVSS
6.8
EPSS Score
1.28%
Published
2011-10-04
Updated
2019-09-09
Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder_level parameter. NOTE: this issue has been disputed by a reliable third party
Max CVSS
10.0
EPSS Score
3.94%
Published
2011-10-09
Updated
2024-04-11
Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bn parameter.
Max CVSS
7.5
EPSS Score
0.75%
Published
2011-10-05
Updated
2018-10-10
Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the showlang parameter.
Max CVSS
5.0
EPSS Score
0.51%
Published
2011-10-05
Updated
2012-02-14
8 vulnerabilities found