Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-14 | CVE-2016-9199 | Path Traversal vulnerability in Cisco IOX 1.1.0 A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. | 6.5 |
| 2016-12-11 | CVE-2016-6614 | Path Traversal vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. | 6.8 |
| 2016-12-10 | CVE-2016-7116 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. | 6.0 |
| 2016-12-09 | CVE-2016-6321 | Path Traversal vulnerability in GNU TAR Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. | 7.5 |
| 2016-11-30 | CVE-2016-2933 | Path Traversal vulnerability in IBM Bigfix Remote Control 9.1.2 Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated administrators to read arbitrary files via a crafted request. | 6.8 |
| 2016-11-04 | CVE-2016-9177 | Path Traversal vulnerability in Sparkjava Spark Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2016-10-06 | CVE-2016-1000112 | Path Traversal vulnerability in Contussupport Contus-Video-Comments 1.0 Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin | 9.1 |
| 2016-10-06 | CVE-2015-1000006 | Path Traversal vulnerability in Recent-Backups Project Recent-Backups 0.7 Remote file download vulnerability in recent-backups v0.7 wordpress plugin | 7.5 |
| 2016-10-06 | CVE-2015-1000005 | Path Traversal vulnerability in Candidate-Application-Form Project Candidate-Application-Form 1.0 Remote file download vulnerability in candidate-application-form v1.0 wordpress plugin | 7.5 |
| 2016-10-06 | CVE-2016-6023 | Path Traversal vulnerability in IBM Sterling Secure Proxy 3.4.2.0/3.4.3.0 Directory traversal vulnerability in the Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to read arbitrary files via a crafted URL. | 7.5 |