Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-06-24 | CVE-2015-5065 | Path Traversal vulnerability in Intelligent-It Paypal Currency Converter Basic FOR Woocommerce Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read arbitrary files via a full pathname in the requrl parameter. | 5.0 |
2015-06-23 | CVE-2015-2860 | Path Traversal vulnerability in Avigilon Control Center 4.12.0.53/5.4.2.21 Directory traversal vulnerability in Avigilon Control Center (ACC) 4 before 4.12.0.54 and 5 before 5.4.2.22 allows remote attackers to read arbitrary files via a crafted help/ URL. | 7.8 |
2015-06-19 | CVE-2015-4641 | Path Traversal vulnerability in Swiftkey SDK Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices allows remote web servers to write to arbitrary files, and consequently execute arbitrary code in a privileged context, by leveraging control of the skslm.swiftkey.net domain name and providing a .. | 6.4 |
2015-06-18 | CVE-2015-3897 | Path Traversal vulnerability in Bonitasoft Bonita BPM Portal Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. | 5.0 |
2015-06-17 | CVE-2015-4414 | Path Traversal vulnerability in SE Html5 Album Audio Player Project SE Html5 Album Audio Player 1.1.0 Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2015-06-15 | CVE-2015-4152 | Path Traversal vulnerability in Elastic Logstash Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option. | 6.4 |
2015-06-10 | CVE-2015-4153 | Path Traversal vulnerability in Zanematthew ZM Ajax Login & Register 1.0.9 Directory traversal vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to include and execute arbitrary php files via a relative path in the template parameter in a load_template action to wp-admin/admin-ajax.php. | 5.0 |
2015-06-10 | CVE-2014-8606 | Path Traversal vulnerability in Xcloner 3.1.1/3.5.1 Directory traversal vulnerability in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to read arbitrary files via a .. | 4.0 |
2015-06-10 | CVE-2015-4415 | Path Traversal vulnerability in Magnifica Webscripts Anima Gallery 2.6 Multiple directory traversal vulnerabilities in func.php in Magnifica Webscripts Anima Gallery 2.6 allow remote attackers to include and execute arbitrary local files via a .. | 5.0 |
2015-06-09 | CVE-2015-3648 | Path Traversal vulnerability in Montala Resourcespace Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace before 7.2.6727 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |