Searching 2e software vulnerabilities

IIS 3.0 with the iis-fix hotfix installed allow

installed | intruders | programs | instead | iis-fix | source | allows | hotfix | remote | using | read | code | IIS | %2e | ASP |

IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.


Web configuration server in 602Pro LAN SUITE al

configuration | containing | arbitrary | attackers | possibly | commands | request | service | execute | denial | 602Pro | server | allows | remote | cause | SUITE | "%2e" | HTTP | long | LAN | Web | via |

Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request containing "%2e" (dot dot) characters.


T. Hauck Jana Webserver 1.46 and earlier allows

Webserver | Hauck | Jana |

T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e).


WebSeal in IBM Tivoli SecureWay Policy Director

SecureWay | attackers | Director | WebSeal | service | remote | denial | Policy | Tivoli | allows | cause | IBM |

WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.


ScriptEase MiniWeb Server 0.95 allows remote at

ScriptEase | MiniWeb | Server |

ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character.


Directory traversal vulnerability in iWeb Serve

vulnerability | URL-encoded | containing | arbitrary | attackers | Directory | traversal | sequences | request | allows | Server | remote | files | read | iWeb | HTTP | via |

Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences ("%5c%2e%2e"), a different vulnerability than CVE-2003-0474.


Apple Safari allows remote attackers to bypass

restrictions | application | attackers | intended | "%2e%2e" | access | allows | Safari | bypass | remote | cookie | Apple | via | web |

Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.


Opera allows remote attackers to bypass intende

restrictions | application | attackers | intended | "%2e%2e" | access | cookie | allows | remote | bypass | Opera | via | web |

Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.


Mozilla allows remote attackers to bypass inten

restrictions | application | attackers | intended | "%2e%2e" | Mozilla | access | allows | remote | cookie | bypass | via | web |

Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.


Directory traversal vulnerability in Accipiter

vulnerability | arbitrary | attackers | Accipiter | Directory | traversal | encoded | remote | Server | Direct | allows | files | read | via |

Directory traversal vulnerability in Accipiter Direct Server 6.0 allows remote attackers to read arbitrary files via encoded \.. (backslash .., "%5c%2e%2e") sequences in an HTTP request.


Directory traversal vulnerability in Web Forums

vulnerability | containing | arbitrary | attackers | traversal | Directory | allows | remote | Server | Forums | files | Power | read | Pack | Web | URL | via |

Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack allows remote attackers to read arbitrary files via a URL containing (1) "..\" (dot dot backslash), (2) "../" (dot dot slash), (3) "/%2E%2E%5C" (encoded dot dot backslash), or (4) "%2E%2E%2F" (encoded dot dot slash).


Multiple directory traversal vulnerabilities in

vulnerabilities | traversal | directory | Multiple | Borland | Server | Web |

Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL.


Directory traversal vulnerability in ADA Image

vulnerability | Directory | traversal | Server | Image | ADA |

Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//" sequences ("%2e%2e%2f%2f").


Directory traversal vulnerability in Sami HTTP

vulnerability | Directory | traversal | Server | HTTP | Sami |

Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows remote attackers to read arbitrary files via an HTTP request containing (1) .. (dot dot) or (2) "%2e%2e" (encoded dot dot) sequences.


Finjan SurfinGate 7.0SP2 and SP3 allows remote

demonstrated | hex-encoded | characters | SurfinGate | attackers | download | filename | blocked | allows | Finjan | remote | 70SP2 | using | "%2e" | files | via | SP3 |

Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e".


Encoded directory traversal vulnerability in ph

vulnerability | phpPgAdmin | traversal | directory | Encoded |

Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.


Directory traversal vulnerability in dwnld.php

vulnerability | Directory | traversal | dwnldphp | GuppY |

Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a "%2E." (mixed encoding) in the pg parameter.


Directory traversal vulnerability in jetty 6.0.

vulnerability | Directory | traversal | jetty | 60x |

Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL.


Directory traversal vulnerability in Nullsoft S

vulnerability | SHOUTcast | Directory | traversal | Nullsoft | before | DSP |

Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.6 filters directory traversal sequences before decoding, which allows remote attackers to read arbitrary files via encoded dot dot (%2E%2E) sequences in an HTTP GET request for a file path containing "/content".


Directory traversal vulnerability in httpd in R

vulnerability | URL-encoded | attackers | arbitrary | "%2e%2e/" | traversal | Directory | sequences | Landley | BusyBox | allows | remote | httpd | files | read | URI | via | Rob |

Directory traversal vulnerability in httpd in Rob Landley BusyBox allows remote attackers to read arbitrary files via URL-encoded "%2e%2e/" sequences in the URI.


Software vulnerabilities results 1 to 20 of 27     
Page: 12