Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-14 | CVE-2012-2208 | Path Traversal vulnerability in Piwigo Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2012-08-13 | CVE-2012-4253 | Path Traversal vulnerability in Mysqldumper 1.24.4 Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. | 4.3 |
2012-08-12 | CVE-2012-2968 | Path Traversal vulnerability in Caucho Resin Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. | 5.0 |
2012-08-06 | CVE-2012-3865 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. | 3.5 |
2012-07-27 | CVE-2012-2202 | Path Traversal vulnerability in IBM products Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. | 3.5 |
2012-07-26 | CVE-2011-2657 | Path Traversal vulnerability in Novell Zenworks Configuration Management 10.2/10.3/11 Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument. | 6.8 |
2012-07-25 | CVE-2012-2194 | Path Traversal vulnerability in IBM DB2 Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors. | 5.0 |
2012-07-22 | CVE-2012-3360 | Path Traversal vulnerability in Openstack Essex and Folsom Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. | 5.5 |
2012-07-18 | CVE-2012-2139 | Path Traversal vulnerability in Rubygems Mail GEM 2.3.2/2.3.3/2.4.1 Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-07-17 | CVE-2012-4031 | Path Traversal vulnerability in Wangkongbao Cns-1000 and Cns-1100 Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. | 5.0 |