Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-01-19 | CVE-2011-0494 | Path Traversal vulnerability in IBM Tivoli Access Manager FOR E-Business Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. | 5.0 |
2011-01-11 | CVE-2011-0405 | Path Traversal vulnerability in PHPgedview 4.2.3 Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the pgvaction parameter. | 6.8 |
2011-01-11 | CVE-2010-1679 | Path Traversal vulnerability in Debian Dpkg Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package. | 6.8 |
2011-01-03 | CVE-2010-4350 | Path Traversal vulnerability in Mantisbt Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. | 5.1 |
2010-12-30 | CVE-2010-4622 | Path Traversal vulnerability in IBM Tivoli Access Manager for E-Business 6.1.1 Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI. | 5.0 |
2010-12-29 | CVE-2010-4617 | Path Traversal vulnerability in Kanich COM Jotloader 2.2.1 Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. | 6.8 |
2010-12-29 | CVE-2010-4613 | Path Traversal vulnerability in Hycus CMS 1.0.3 Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2010-12-23 | CVE-2010-4598 | Path Traversal vulnerability in Ecava Integraxor 3.5.3900.10/3.5.3900.5/3.6.4000.0 Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-12-07 | CVE-2010-4330 | Path Traversal vulnerability in Pulsecms Pulse CMS Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2010-12-06 | CVE-2010-4406 | Path Traversal vulnerability in Brunetton Littlephpgallery 1.0.2 Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter. | 6.8 |