Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-25 | CVE-2012-3305 | Path Traversal vulnerability in IBM Websphere Application Server Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file. | 6.4 |
| 2012-09-25 | CVE-2012-3011 | Path Traversal vulnerability in Fultek Wintr Scada 2.0.0/2.5 Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request. | 7.8 |
| 2012-09-23 | CVE-2012-5100 | Path Traversal vulnerability in Luizpicanco Hserver 0.1.1 Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO. | 5.0 |
| 2012-09-19 | CVE-2012-4997 | Path Traversal vulnerability in Anecms 2E2C583 Directory traversal vulnerability in acp/index.php in AneCMS allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
| 2012-09-06 | CVE-2012-4878 | Path Traversal vulnerability in Flatnux 201108092 Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action. | 5.0 |
| 2012-09-06 | CVE-2012-1467 | Path Traversal vulnerability in PKP Open Journal Systems Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a .. | 6.5 |
| 2012-09-06 | CVE-2012-1112 | Path Traversal vulnerability in Open-Realty 2.3.1/2.3.4/2.5.8 Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
| 2012-09-06 | CVE-2012-4867 | Path Traversal vulnerability in Vtiger CRM 5.1.0 Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2012-09-05 | CVE-2011-4450 | Path Traversal vulnerability in Wikkawiki 1.3.1/1.3.2 Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial .. | 6.4 |
| 2012-08-31 | CVE-2011-4948 | Path Traversal vulnerability in Egroupware and Egroupware Enterprise Line Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in the type parameter. | 5.0 |