Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-01-10 | CVE-2013-5011 | Path Traversal vulnerability in Symantec Endpoint Protection Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory. | 7.2 |
2014-01-09 | CVE-2013-7138 | Path Traversal vulnerability in Horizon Quick Content Management System Project Horizon Quick Content Management System Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-01-09 | CVE-2013-7174 | Path Traversal vulnerability in Qnap QTS 4.0/4.0.3 Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter. | 7.8 |
2014-01-08 | CVE-2013-7097 | Path Traversal vulnerability in 7Mediaws Edutrac Directory traversal vulnerability in 7 Media Web Solutions eduTrac before 1.1.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
2014-01-03 | CVE-2013-7240 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2013-12-31 | CVE-2013-6987 | Path Traversal vulnerability in Synology Diskstation Manager 4.33810 Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary files via a .. | 7.5 |
2013-12-30 | CVE-2013-5219 | Path Traversal vulnerability in HOT Hotbox Router and Hotbox Router Firmware Directory traversal vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to read arbitrary files via a .. | 3.3 |
2013-12-21 | CVE-2012-4135 | Path Traversal vulnerability in Cisco Nx-Os Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275. | 4.6 |
2013-12-21 | CVE-2012-4131 | Path Traversal vulnerability in Cisco Nx-Os Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164. | 4.6 |
2013-12-20 | CVE-2013-7190 | Path Traversal vulnerability in Iscripts Autohoster 2.4 Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to read arbitrary files via the (1) tmpid parameter to websitebuilder/showtemplateimage.php, (2) fname parameter to admin/downloadfile.php, or (3) id parameter to support/admin/csvdownload.php; or (4) have an unspecified impact via unspecified vectors in support/parser/main_smtp.php. | 5.0 |