Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2014-07-20 CVE-2014-1973 Path Traversal vulnerability in Nextapp File Explorer
Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename.
network
low complexity
nextapp CWE-22
5.0
2014-07-18 CVE-2014-3323 Path Traversal vulnerability in Cisco Unified Contact Center Enterprise
Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote authenticated users to read arbitrary web-root files via a crafted URL, aka Bug ID CSCun25262.
network
low complexity
cisco CWE-22
4.0
2014-07-16 CVE-2014-3777 Path Traversal vulnerability in Reportico PHP Report Designer
Directory traversal vulnerability in Reportico PHP Report Designer before 4.0 allows remote attackers to read arbitrary files via a ..
network
low complexity
reportico CWE-22
5.0
2014-07-14 CVE-2014-3319 Path Traversal vulnerability in Cisco Unified Communications Manager 10.0(1)
Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.
network
low complexity
cisco CWE-22
6.8
2014-07-14 CVE-2014-3317 Path Traversal vulnerability in Cisco Unified Communications Manager 10.0(1)
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314.
network
low complexity
cisco CWE-22
5.5
2014-07-11 CVE-2014-4941 Path Traversal vulnerability in Cross-Rss Plugin Project Wp-Cross-Rss 1.7
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
network
low complexity
cross-rss-plugin-project CWE-22
5.0
2014-07-11 CVE-2014-4940 Path Traversal vulnerability in Tera Charts Plugin Project Tera-Charts 0.1
Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a ..
network
low complexity
tera-charts-plugin-project CWE-22
5.0
2014-07-11 CVE-2014-4937 Path Traversal vulnerability in Bookx Plugin Project Bookx 1.7
Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a ..
network
low complexity
bookx-plugin-project CWE-22
5.0
2014-07-02 CVE-2014-4690 Path Traversal vulnerability in Netgate Pfsense
Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php.
network
low complexity
netgate CWE-22
5.0
2014-07-02 CVE-2014-4689 Path Traversal vulnerability in Netgate Pfsense
Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter.
network
low complexity
netgate CWE-22
5.0