Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2011-01-19 CVE-2011-0494 Path Traversal vulnerability in IBM Tivoli Access Manager FOR E-Business
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors.
network
low complexity
ibm CWE-22
5.0
2011-01-11 CVE-2011-0405 Path Traversal vulnerability in PHPgedview 4.2.3
Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the pgvaction parameter.
network
phpgedview CWE-22
6.8
2011-01-11 CVE-2010-1679 Path Traversal vulnerability in Debian Dpkg
Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.
network
debian CWE-22
6.8
2011-01-03 CVE-2010-4350 Path Traversal vulnerability in Mantisbt
Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a ..
network
high complexity
mantisbt CWE-22
5.1
2010-12-30 CVE-2010-4622 Path Traversal vulnerability in IBM Tivoli Access Manager for E-Business 6.1.1
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI.
network
low complexity
ibm CWE-22
5.0
2010-12-29 CVE-2010-4617 Path Traversal vulnerability in Kanich COM Jotloader 2.2.1
Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
network
kanich joomla CWE-22
6.8
2010-12-29 CVE-2010-4613 Path Traversal vulnerability in Hycus CMS 1.0.3
Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a ..
network
low complexity
hycus CWE-22
7.5
2010-12-23 CVE-2010-4598 Path Traversal vulnerability in Ecava Integraxor 3.5.3900.10/3.5.3900.5/3.6.4000.0
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a ..
network
low complexity
ecava CWE-22
5.0
2010-12-07 CVE-2010-4330 Path Traversal vulnerability in Pulsecms Pulse CMS
Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a ..
network
pulsecms CWE-22
6.8
2010-12-06 CVE-2010-4406 Path Traversal vulnerability in Brunetton Littlephpgallery 1.0.2
Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter.
network
brunetton CWE-22
6.8