Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-06 | CVE-2012-1112 | Path Traversal vulnerability in Open-Realty 2.3.1/2.3.4/2.5.8 Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2012-09-06 | CVE-2012-4867 | Path Traversal vulnerability in Vtiger CRM 5.1.0 Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-09-05 | CVE-2011-4450 | Path Traversal vulnerability in Wikkawiki 1.3.1/1.3.2 Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial .. | 6.4 |
2012-08-31 | CVE-2011-4948 | Path Traversal vulnerability in Egroupware and Egroupware Enterprise Line Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in the type parameter. | 5.0 |
2012-08-31 | CVE-2011-5141 | Path Traversal vulnerability in OBM Open Business Management 2.4.0 Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. | 6.0 |
2012-08-27 | CVE-2012-4680 | Path Traversal vulnerability in Ioserver 1.0.18.0 Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary files or list arbitrary directories via a .. | 4.3 |
2012-08-26 | CVE-2011-5127 | Path Traversal vulnerability in Bluecoat Reporter Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request. | 10.0 |
2012-08-26 | CVE-2012-2227 | Path Traversal vulnerability in Pluxml 0.3.1/5.1.5 Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter. | 7.5 |
2012-08-22 | CVE-2012-4596 | Path Traversal vulnerability in Mcafee Email Gateway 7.0.0/7.0.1 Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL. | 4.3 |
2012-08-19 | CVE-2012-4356 | Path Traversal vulnerability in Sielcosistemi Winlog Lite and Winlog PRO Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. | 4.3 |