Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-18 | CVE-2012-5641 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the default URI. | 5.0 |
2014-03-18 | CVE-2014-1975 | Path Traversal vulnerability in R-Company Unzipper 1.0.0/1.0.1 Directory traversal vulnerability in the R-Company Unzipper application 1.0.1 and earlier for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. | 5.8 |
2014-03-14 | CVE-2013-2085 | Path Traversal vulnerability in Owncloud Directory traversal vulnerability in apps/files_trashbin/index.php in ownCloud Server before 5.0.6 allows remote authenticated users to access arbitrary files via a .. | 4.0 |
2014-03-14 | CVE-2013-2039 | Path Traversal vulnerability in Owncloud Directory traversal vulnerability in lib/files/view.php in ownCloud before 4.0.15, 4.5.x 4.5.11, and 5.x before 5.0.6 allows remote authenticated users to access arbitrary files via unspecified vectors. | 4.0 |
2014-03-14 | CVE-2014-2324 | Path Traversal vulnerability in multiple products Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. | 5.0 |
2014-03-11 | CVE-2013-5639 | Path Traversal vulnerability in Raoul Proenca Gnew 2013.1 Directory traversal vulnerability in users/login.php in Gnew 2013.1 and earlier allows remote attackers to read arbitrary files via a .. | 7.5 |
2014-03-11 | CVE-2013-4413 | Path Traversal vulnerability in Schneems Wicked Directory traversal vulnerability in controller/concerns/render_redirect.rb in the Wicked gem before 1.0.1 for Ruby allows remote attackers to read arbitrary files via a %2E%2E%2F (encoded dot dot slash) in the step. | 5.0 |
2014-03-09 | CVE-2014-2314 | Path Traversal vulnerability in Atlassian Jira Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers to create arbitrary files via unspecified vectors. | 4.3 |
2014-03-09 | CVE-2014-2313 | Path Traversal vulnerability in Atlassian Jira Directory traversal vulnerability in the Importers plugin in Atlassian JIRA before 6.0.5 allows remote attackers to create arbitrary files via unspecified vectors. | 4.3 |
2014-03-06 | CVE-2014-1907 | Path Traversal vulnerability in Videowhisper Live Streaming Integration Plugin Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. | 6.4 |