Security Vulnerabilities, CVEs, Published In July 2012 (Directory traversal)

CVE-2012-4031

Public exploit
Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid cookie to port 85.
Max CVSS
5.0
EPSS Score
22.01%
Published
2012-07-17
Updated
2017-08-29

CVE-2012-4027

Directory traversal vulnerability in Tridium Niagara AX Framework allows remote attackers to read files outside of the intended images, nav, and px folders by leveraging incorrect permissions, as demonstrated by reading the config.bog file.
Max CVSS
5.0
EPSS Score
0.21%
Published
2012-07-16
Updated
2023-03-22

CVE-2012-3360

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot dot) in the path attribute of a file element.
Max CVSS
5.5
EPSS Score
0.44%
Published
2012-07-22
Updated
2012-08-17

CVE-2012-2560

Directory traversal vulnerability in WellinTech KingView 6.53 allows remote attackers to read arbitrary files via a crafted HTTP request to port 8001.
Max CVSS
5.0
EPSS Score
0.25%
Published
2012-07-05
Updated
2012-07-17

CVE-2012-2202

Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.
Max CVSS
3.5
EPSS Score
0.33%
Published
2012-07-27
Updated
2017-12-22

CVE-2012-2194

Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.85%
Published
2012-07-25
Updated
2017-12-22

CVE-2012-2181

Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.
Max CVSS
5.0
EPSS Score
0.26%
Published
2012-07-03
Updated
2017-08-29

CVE-2012-2139

Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.
Max CVSS
5.0
EPSS Score
3.29%
Published
2012-07-18
Updated
2013-10-07

CVE-2012-0410

Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.
Max CVSS
5.0
EPSS Score
80.37%
Published
2012-07-05
Updated
2013-04-02

CVE-2011-2657

Public exploit
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.
Max CVSS
6.8
EPSS Score
96.17%
Published
2012-07-26
Updated
2012-07-27
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close