Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-05-29 | CVE-2012-4915 | Path Traversal vulnerability in Davistribe Google DOC Embedder Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-05-21 | CVE-2014-3806 | Path Traversal vulnerability in Vmturbo Operations Manager 4.0/4.5 Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-05-20 | CVE-2014-3460 | Path Traversal vulnerability in Microfocus Sentinel and Sentinel Agent Manager Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname. | 6.8 |
2014-05-20 | CVE-2013-6975 | Path Traversal vulnerability in Cisco Nx-Os Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217. | 4.6 |
2014-05-16 | CVE-2014-0918 | Path Traversal vulnerability in IBM Websphere Portal Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL. | 7.1 |
2014-05-14 | CVE-2013-5655 | Path Traversal vulnerability in Xiaowen Huang Yingzhi Python Programming Language 1.9 Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a .. | 6.4 |
2014-05-14 | CVE-2013-3514 | Path Traversal vulnerability in Openx Multiple directory traversal vulnerabilities in OpenX before 2.8.10 revision 82710 allow remote administrators to read arbitrary files via a .. | 4.3 |
2014-05-14 | CVE-2014-3225 | Path Traversal vulnerability in Cobblerd Cobbler Absolute path traversal vulnerability in the web interface in Cobbler 2.4.x through 2.6.x allows remote authenticated users to read arbitrary files via the Kickstart field in a profile. | 4.0 |
2014-05-14 | CVE-2014-3127 | Path Traversal vulnerability in Debian Dpkg dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. | 7.1 |
2014-05-12 | CVE-2013-5984 | Path Traversal vulnerability in Microweber 0.8 Directory traversal vulnerability in userfiles/modules/admin/backup/delete.php in Microweber before 0.830 allows remote attackers to delete arbitrary files via a .. | 6.4 |