Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2010-09-22 CVE-2010-3480 Path Traversal vulnerability in Apphp PHP Microcms 1.0.1
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..
network
apphp CWE-22
6.8
2010-09-17 CVE-2010-3460 Path Traversal vulnerability in Gecad Axigen Mail Server
Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL.
network
low complexity
gecad microsoft CWE-22
5.0
2010-09-17 CVE-2010-3456 Path Traversal vulnerability in Energyscripts Simple Download 1.0
Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0 allows remote attackers to read arbitrary files via a ..
network
low complexity
energyscripts CWE-22
5.0
2010-09-16 CVE-2010-3426 Path Traversal vulnerability in 4You-Studio COM Jphone 1.0
Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
4you-studio joomla CWE-22
7.5
2010-09-14 CVE-2010-0154 Path Traversal vulnerability in IBM products
Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a ..
network
low complexity
ibm CWE-22
4.0
2010-09-03 CVE-2010-3203 Path Traversal vulnerability in Xmlswf COM Picsell 1.0
Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a ..
network
low complexity
xmlswf joomla CWE-22
5.0
2010-08-25 CVE-2009-4986 Path Traversal vulnerability in In-Portal 4.3.1
Directory traversal vulnerability in index.php in In-Portal 4.3.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a ..
network
in-portal CWE-22
6.8
2010-08-25 CVE-2009-4978 Path Traversal vulnerability in Tufat Mybackup 1.4.0
Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a ..
network
low complexity
tufat CWE-22
5.0
2010-08-21 CVE-2010-3104 Path Traversal vulnerability in Deskshare Auto FTP Manager 4.31
Directory traversal vulnerability in DeskShare AutoFTP Manager 4.31, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
network
deskshare CWE-22
critical
9.3
2010-08-21 CVE-2010-3103 Path Traversal vulnerability in Ftpgetter 3.51.0.05
Directory traversal vulnerability in FTPGetter Team FTPGetter 3.51.0.05, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
network
ftpgetter CWE-22
critical
9.3