Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-12-13 | CVE-2015-6406 | Path Traversal vulnerability in Cisco Emergency Responder 10.5(1.10000.5) Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) allows remote authenticated users to write to arbitrary files via a crafted filename, aka Bug ID CSCuv21781. | 4.0 |
2015-12-11 | CVE-2015-7037 | Path Traversal vulnerability in Apple Iphone OS Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows attackers to read arbitrary files via a crafted pathname. | 5.0 |
2015-11-25 | CVE-2015-5322 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to list directory contents and read arbitrary files in the Jenkins servlet resources via directory traversal sequences in a request to jnlpJars/. | 5.0 |
2015-11-24 | CVE-2015-8228 | Path Traversal vulnerability in Huawei AR Firmware Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors. | 4.0 |
2015-11-16 | CVE-2015-7815 | Path Traversal vulnerability in Matomo Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter. | 7.5 |
2015-11-07 | CVE-2015-7254 | Path Traversal vulnerability in Huawei Hg532E, Hg532N and Hg532S Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. | 5.0 |
2015-10-26 | CVE-2015-6500 | Path Traversal vulnerability in Owncloud Directory traversal vulnerability in ownCloud Server before 8.0.6 and 8.1.x before 8.1.1 allows remote authenticated users to list directory contents and possibly cause a denial of service (CPU consumption) via a .. | 7.5 |
2015-10-25 | CVE-2015-1003 | Path Traversal vulnerability in Ininet Solutions Scada web Server Directory traversal vulnerability in IniNet embeddedWebServer (aka eWebServer) before 2.02 allows remote attackers to read arbitrary files via a crafted pathname. | 5.0 |
2015-10-23 | CVE-2015-7006 | Path Traversal vulnerability in Apple Iphone OS, mac OS X and Watchos Directory traversal vulnerability in the BOM (aka Bill of Materials) component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code via a crafted CPIO archive. | 6.8 |
2015-10-21 | CVE-2015-4716 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors. | 10.0 |