Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-14 | CVE-2016-9210 | Path Traversal vulnerability in Cisco Unified Communications Manager 11.5(1.11007.2) A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. | 7.5 |
| 2016-12-14 | CVE-2016-9208 | Path Traversal vulnerability in Cisco Emergency Responder 11.5(2.10000.5) A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files in arbitrary locations on the file system of an affected device. | 6.5 |
| 2016-12-14 | CVE-2016-9199 | Path Traversal vulnerability in Cisco IOX 1.1.0 A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. | 6.5 |
| 2016-12-11 | CVE-2016-6614 | Path Traversal vulnerability in PHPmyadmin An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. | 6.8 |
| 2016-12-10 | CVE-2016-7116 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. | 6.0 |
| 2016-12-09 | CVE-2016-6321 | Path Traversal vulnerability in GNU TAR Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. | 7.5 |
| 2016-11-30 | CVE-2016-2933 | Path Traversal vulnerability in IBM Bigfix Remote Control 9.1.2 Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated administrators to read arbitrary files via a crafted request. | 6.8 |
| 2016-11-04 | CVE-2016-9177 | Path Traversal vulnerability in Sparkjava Spark Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2016-10-06 | CVE-2016-1000112 | Path Traversal vulnerability in Contussupport Contus-Video-Comments 1.0 Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin | 9.1 |
| 2016-10-06 | CVE-2015-1000006 | Path Traversal vulnerability in Recent-Backups Project Recent-Backups 0.7 Remote file download vulnerability in recent-backups v0.7 wordpress plugin | 7.5 |