Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-04-15 | CVE-2008-3277 | Path Traversal vulnerability in Openfabrics Ibutils 1.211.2/1.5.72 Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header. | 4.4 |
2014-04-15 | CVE-2014-2864 | Path Traversal vulnerability in Paperthin Commonspot Content Server Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a filename parameter containing directory traversal sequences. | 10.0 |
2014-04-15 | CVE-2014-2863 | Path Traversal vulnerability in Paperthin Commonspot Content Server Multiple absolute path traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a full pathname in a parameter. | 10.0 |
2014-04-15 | CVE-2014-0358 | Path Traversal vulnerability in Xangati Software Release and Xangati XNR Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. | 7.8 |
2014-04-11 | CVE-2014-1969 | Path Traversal vulnerability in Apps4U@Android SD Card Manager 20140223 Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename. | 5.8 |
2014-04-10 | CVE-2013-7361 | Path Traversal vulnerability in SAP CM Services and CMS Services Directory traversal vulnerability in SAP CMS and CM Services allows attackers to upload arbitrary files via unspecified vectors. | 5.0 |
2014-04-10 | CVE-2014-2583 | Path Traversal vulnerability in Linux-Pam 1.1.8 Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. | 5.8 |
2014-04-05 | CVE-2014-2145 | Path Traversal vulnerability in Cisco Unity Connection Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071. | 4.0 |
2014-04-04 | CVE-2014-2210 | Path Traversal vulnerability in CA Erwin web Portal 9.5 Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or possibly execute arbitrary code via unspecified vectors. | 7.5 |
2014-04-04 | CVE-2012-4920 | Path Traversal vulnerability in Zingiri Forums Directory traversal vulnerability in the zing_forum_output function in forum.php in the Zingiri Forum (aka Forums) plugin before 1.4.4 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |