Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-01-21 | CVE-2015-0867 | Path Traversal vulnerability in Synck Graphica Download LOG CGI 3.0 Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3.0 and earlier allows remote attackers to read arbitrary files via a crafted filename. | 5.0 |
2015-01-21 | CVE-2015-0516 | Path Traversal vulnerability in EMC Vipr SRM and Watch4Net Directory traversal vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to read arbitrary files via a crafted URL. | 4.0 |
2015-01-15 | CVE-2015-0552 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo." | 6.4 |
2015-01-13 | CVE-2015-0016 | Path Traversal vulnerability in Microsoft products Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Directory Traversal Elevation of Privilege Vulnerability." | 9.3 |
2015-01-13 | CVE-2014-10037 | Path Traversal vulnerability in Domphp Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. | 7.5 |
2015-01-13 | CVE-2014-100033 | Path Traversal vulnerability in Licensepal Arcticdesk Directory traversal vulnerability in LicensePal ArcticDesk before 1.2.5 allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2015-01-13 | CVE-2014-100029 | Path Traversal vulnerability in Ganesha Digital Library Project Ganesha Digital Library 4.2 Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. | 5.0 |
2015-01-13 | CVE-2014-100015 | Path Traversal vulnerability in Solidworks Product Data Management 2014 Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. | 6.4 |
2015-01-13 | CVE-2014-10010 | Path Traversal vulnerability in PHPjabbers Appointment Scheduler 2.0 Directory traversal vulnerability in PHPJabbers Appointment Scheduler 2.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
2015-01-13 | CVE-2014-100002 | Path Traversal vulnerability in Zohocorp Manageengine Supportcenter Plus Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the attach parameter to WorkOrder.do in the file attachment for a new ticket. | 5.0 |