Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-07-02 | CVE-2014-4689 | Path Traversal vulnerability in Netgate Pfsense Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter. | 5.0 |
2014-07-01 | CVE-2013-3004 | Path Traversal vulnerability in IBM Tivoli Application Dependency Discovery Manager Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors. | 3.5 |
2014-06-20 | CVE-2014-4507 | Path Traversal vulnerability in Theforeman Foreman Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. | 6.4 |
2014-06-19 | CVE-2011-4367 | Path Traversal vulnerability in Apache Myfaces Multiple directory traversal vulnerabilities in MyFaces JavaServer Faces (JSF) in Apache MyFaces Core 2.0.x before 2.0.12 and 2.1.x before 2.1.6 allow remote attackers to read arbitrary files via a .. | 5.0 |
2014-06-19 | CVE-2014-2962 | Path Traversal vulnerability in Belkin N150 F9K1009 and N150 F9K1009 Firmware Absolute path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter. | 7.8 |
2014-06-19 | CVE-2014-2611 | Path Traversal vulnerability in HP Executive Scorecard 9.40/9.41 Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120. | 9.0 |
2014-06-19 | CVE-2014-2610 | Path Traversal vulnerability in HP Executive Scorecard 9.40/9.41 Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117. | 7.1 |
2014-06-18 | CVE-2014-0598 | Path Traversal vulnerability in Novell Open Enterprise Server 11.0 Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors. | 10.0 |
2014-06-18 | CVE-2013-6221 | Path Traversal vulnerability in HP Service Virtualization 3.0 Directory traversal vulnerability in CommunicationServlet in HP Service Virtualization 3.x before 3.50.1, when the AutoPass license server is enabled, allows remote attackers to create arbitrary files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-2031. | 10.0 |
2014-06-18 | CVE-2014-4306 | Path Traversal vulnerability in Webtitan 4.01 Directory traversal vulnerability in logs-x.php in WebTitan before 4.04 allows remote attackers to read arbitrary files via a .. | 5.0 |