Explore CVEs related to Directory Traversal vulnerabilities, filtered by published year. This list is sorted by most recent disclosures first and supports filtering by CVSS and EPSS risk scores.
Includes the most recent vulnerability disclosures and trends, helping security teams quickly identify high-risk issues and exploitation likelihood.
You're viewing Directory Traversal CVEs published in 2001. View full CVE list
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2001-1494 | script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command. | 5.5 | 0.43% | 2001-12-31 | 2026-06-16 |
| CVE-2001-1205 | Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to read arbitrary files via '..' sequences in the $error_log variable. | 5.0 | 2.56% | 2001-12-30 | 2026-06-16 |
| CVE-2001-1432 | Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | 7.8 | 4.07% | 2001-12-29 | 2026-06-16 |
| CVE-2001-0780 | Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter. | 5.0 | 7.45% | 2001-10-18 | 2026-06-16 |
| CVE-2001-1378 | fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files. | 2.1 | 0.34% | 2001-09-06 | 2026-06-16 |
| CVE-2001-1042 | Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | 7.5 | 3.29% | 2001-07-02 | 2026-06-16 |
| CVE-2001-1386 | WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. | 7.5 | 3.04% | 2001-07-01 | 2026-06-16 |
| CVE-2001-1043 | ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | 7.5 | 3.32% | 2001-07-01 | 2026-06-16 |
| CVE-2001-0925 | The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex. | 5.0 | 75.24% | 2001-03-12 | 2026-06-16 |
| CVE-2001-0131 | htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack. | 3.3 | 2.31% | 2001-03-12 | 2026-06-16 |
| CVE-2000-0368 | Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. | 2.1 | 0.37% | 2001-03-12 | 2026-06-16 |
| CVE-2001-0054 | Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. | 5.0 | 12.05% | 2001-02-16 | 2026-06-16 |
| CVE-2000-1178 | Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. | 5.5 | 0.56% | 2001-01-09 | 2026-06-16 |