Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-10-08 | CVE-2010-2797 | Path Traversal vulnerability in Cmsmadesimple CMS Made Simple Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple before 1.8.1 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2010-10-07 | CVE-2010-3692 | Path Traversal vulnerability in Apereo PHPcas Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter. | 6.4 |
2010-09-29 | CVE-2010-3688 | Path Traversal vulnerability in Netartmedia Websiteadmin Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA WebSiteAdmin allows remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the lng parameter. | 7.5 |
2010-09-29 | CVE-2010-3468 | Path Traversal vulnerability in Blueriver Mura CMS and Sava CMS Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 before 5.1.498 and 5.2 before 5.2.2809, and Sava CMS 5 through 5.2, allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-09-28 | CVE-2010-3490 | Path Traversal vulnerability in Sangoma Freepbx Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. | 6.5 |
2010-09-24 | CVE-2010-3606 | Path Traversal vulnerability in Netartmedia Real Estate Portal 2.0 Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters. | 6.8 |
2010-09-24 | CVE-2010-3306 | Path Traversal vulnerability in Salvo G. Tomaselli Weborf Directory traversal vulnerability in the modURL function in instance.c in Weborf before 0.12.3 allows remote attackers to read arbitrary files via ..%2f sequences in a URI. | 5.0 |
2010-09-24 | CVE-2010-3261 | Path Traversal vulnerability in RSA Authentication Agent FOR web Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to read unspecified data via unknown vectors. | 5.0 |
2010-09-22 | CVE-2010-3488 | Path Traversal vulnerability in Houbysoft Quickshare 1.0 Directory traversal vulnerability in QuickShare 1.0 allows remote attackers to read arbitrary files via a ... | 5.0 |
2010-09-22 | CVE-2010-3487 | Path Traversal vulnerability in Yellosoft Pinky 1.0 Directory traversal vulnerability in YelloSoft Pinky 1.0 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL. | 5.0 |