Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-10-01 | CVE-2012-1471 | Path Traversal vulnerability in Ocportal Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-09-28 | CVE-2012-0419 | Path Traversal vulnerability in Novell Groupwise Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request. | 5.0 |
2012-09-26 | CVE-2012-1617 | Path Traversal vulnerability in Juan Ramon Osclass Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. | 6.4 |
2012-09-25 | CVE-2012-3324 | Path Traversal vulnerability in IBM DB2 and DB2 Connect Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field. | 9.0 |
2012-09-25 | CVE-2012-3305 | Path Traversal vulnerability in IBM Websphere Application Server Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file. | 6.4 |
2012-09-25 | CVE-2012-3011 | Path Traversal vulnerability in Fultek Wintr Scada 2.0.0/2.5 Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request. | 7.8 |
2012-09-23 | CVE-2012-5100 | Path Traversal vulnerability in Luizpicanco Hserver 0.1.1 Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO. | 5.0 |
2012-09-19 | CVE-2012-4997 | Path Traversal vulnerability in Anecms 2E2C583 Directory traversal vulnerability in acp/index.php in AneCMS allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2012-09-06 | CVE-2012-4878 | Path Traversal vulnerability in Flatnux 201108092 Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action. | 5.0 |
2012-09-06 | CVE-2012-1467 | Path Traversal vulnerability in PKP Open Journal Systems Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a .. | 6.5 |