Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-31 | CVE-2011-5141 | Path Traversal vulnerability in OBM Open Business Management 2.4.0 Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. | 6.0 |
2012-08-27 | CVE-2012-4680 | Path Traversal vulnerability in Ioserver 1.0.18.0 Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary files or list arbitrary directories via a .. | 4.3 |
2012-08-26 | CVE-2011-5127 | Path Traversal vulnerability in Bluecoat Reporter Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request. | 10.0 |
2012-08-26 | CVE-2012-2227 | Path Traversal vulnerability in Pluxml 0.3.1/5.1.5 Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter. | 7.5 |
2012-08-22 | CVE-2012-4596 | Path Traversal vulnerability in Mcafee Email Gateway 7.0.0/7.0.1 Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL. | 4.3 |
2012-08-19 | CVE-2012-4356 | Path Traversal vulnerability in Sielcosistemi Winlog Lite and Winlog PRO Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. | 4.3 |
2012-08-14 | CVE-2012-2208 | Path Traversal vulnerability in Piwigo Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2012-08-13 | CVE-2012-4253 | Path Traversal vulnerability in Mysqldumper 1.24.4 Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. | 4.3 |
2012-08-12 | CVE-2012-2968 | Path Traversal vulnerability in Caucho Resin Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. | 5.0 |
2012-08-06 | CVE-2012-3865 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. | 3.5 |