Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-04-05 | CVE-2014-2145 | Path Traversal vulnerability in Cisco Unity Connection Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071. | 4.0 |
2014-04-04 | CVE-2014-2210 | Path Traversal vulnerability in CA Erwin web Portal 9.5 Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or possibly execute arbitrary code via unspecified vectors. | 7.5 |
2014-04-04 | CVE-2012-4920 | Path Traversal vulnerability in Zingiri Forums Directory traversal vulnerability in the zing_forum_output function in forum.php in the Zingiri Forum (aka Forums) plugin before 1.4.4 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-04-01 | CVE-2014-0632 | Path Traversal vulnerability in EMC Vplex Geosynchrony Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote authenticated users to execute arbitrary code via unspecified vectors. | 9.0 |
2014-03-31 | CVE-2013-6768 | Path Traversal vulnerability in Koushik Dutta Superuser 1.0.2.1 Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process program via a crafted PATH environment variable for a /system/xbin/su process. | 5.0 |
2014-03-25 | CVE-2013-1604 | Path Traversal vulnerability in Maygion IP Camera Firmware Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-03-24 | CVE-2014-2588 | Path Traversal vulnerability in Mcafee Asset Manager 6.6 Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. | 4.0 |
2014-03-20 | CVE-2014-1970 | Path Traversal vulnerability in Estrongs ES File Explorer Directory traversal vulnerability in the ES File Explorer File Manager application before 3.0.4 for Android allows remote attackers to overwrite or create arbitrary files via unspecified vectors. | 5.8 |
2014-03-19 | CVE-2014-1507 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object. | 9.3 |
2014-03-19 | CVE-2014-1506 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments. | 6.4 |