Security Vulnerabilities, CVEs, Published In July 2011 (Directory traversal)
Directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2011-2744.
Max CVSS
5.0
EPSS Score
3.33%
Published
2011-07-19
Updated
2018-10-09
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME parameter. NOTE: this might overlap the US-CERT VU#543310 issue.
Max CVSS
5.0
EPSS Score
0.56%
Published
2011-07-17
Updated
2011-07-19
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.20%
Published
2011-07-17
Updated
2011-07-19
Directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.
Max CVSS
6.8
EPSS Score
1.54%
Published
2011-07-19
Updated
2018-10-09
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALS[mime_map][$meta->name][transformation] parameter.
Max CVSS
6.0
EPSS Score
22.05%
Published
2011-07-14
Updated
2018-10-09
5 vulnerabilities found