Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-06-13 | CVE-2012-3521 | Path Traversal vulnerability in Qbnz Geshi Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. | 5.0 |
2014-06-06 | CVE-2014-2575 | Path Traversal vulnerability in Devexpress Aspxfilemanager Control FOR Webforms and MVC Directory traversal vulnerability in the File Manager component in DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC before 13.1.10 and 13.2.x before 13.2.9 allows remote authenticated users to read or write arbitrary files via a .. | 6.5 |
2014-06-05 | CVE-2013-3739 | Path Traversal vulnerability in Network-Weathermap .Network Weathermap 0.97 Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-06-05 | CVE-2014-3975 | Path Traversal vulnerability in Auracms 3.0 Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter. | 5.0 |
2014-05-30 | CVE-2014-2352 | Path Traversal vulnerability in Cogentdatahub Cogent Datahub Directory traversal vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to read arbitrary files of unspecified types, or cause a web-server denial of service, via a crafted pathname. | 6.4 |
2014-05-30 | CVE-2014-3865 | Path Traversal vulnerability in Debian Dpkg-Dev 1.3.0 Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and +++ header lines or (2) a +++ header line with a blank pathname. | 6.4 |
2014-05-30 | CVE-2014-3864 | Path Traversal vulnerability in Debian Dpkg-Dev 1.3.0 Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header line. | 6.4 |
2014-05-30 | CVE-2014-3227 | Path Traversal vulnerability in Debian Dpkg dpkg 1.15.9, 1.16.x before 1.16.14, and 1.17.x before 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that allows remote attackers to conduct directory traversal attacks and modify files outside of the intended directories via a crafted source package. | 6.4 |
2014-05-29 | CVE-2012-4915 | Path Traversal vulnerability in Davistribe Google DOC Embedder Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-05-21 | CVE-2014-3806 | Path Traversal vulnerability in Vmturbo Operations Manager 4.0/4.5 Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. | 5.0 |