Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-26 | CVE-2013-1641 | Path Traversal vulnerability in Quixplorer Directory traversal vulnerability in the zip download functionality in QuiXplorer before 2.5.5 allows remote attackers to read arbitrary files via a .. | 7.8 |
| 2014-10-21 | CVE-2014-5006 | Path Traversal vulnerability in Zohocorp Manageengine Desktop Central Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. | 7.5 |
| 2014-10-21 | CVE-2014-5005 | Path Traversal vulnerability in Zohocorp Manageengine Desktop Central Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. | 7.5 |
| 2014-10-21 | CVE-2014-4577 | Path Traversal vulnerability in Websupporter WP Amasin - the Amazon Affiliate Shop 0.9.6 Absolute path traversal vulnerability in reviews.php in the WP AmASIN - The Amazon Affiliate Shop plugin 0.9.6 and earlier for WordPress allows remote attackers to read arbitrary files via a full pathname in the url parameter. | 5.0 |
| 2014-10-21 | CVE-2012-5242 | Path Traversal vulnerability in Bananadance Banana Dance 0.9/1.5 Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
| 2014-10-20 | CVE-2014-6308 | Path Traversal vulnerability in Osclass Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2014-10-17 | CVE-2014-2279 | Path Traversal vulnerability in Seeddms Multiple directory traversal vulnerabilities in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allow (1) remote authenticated users with access to the LogManagement functionality to read arbitrary files via a .. | 6.4 |
| 2014-10-08 | CVE-2014-6394 | Path Traversal vulnerability in multiple products visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory. | 7.5 |
| 2014-10-03 | CVE-2014-0754 | Path Traversal vulnerability in Schneider-Electric products Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request. | 10.0 |
| 2014-09-26 | CVE-2014-5319 | Path Traversal vulnerability in S-Link Slfilemanager Directory traversal vulnerability in the S-Link SLFileManager application 1.2.5 and earlier for Android allows remote attackers to write to files via unspecified vectors. | 6.4 |