Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-02-12 | CVE-2012-1047 | Path Traversal vulnerability in Cyberoam Central Console 2.00.2 Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2012-02-08 | CVE-2012-1025 | Path Traversal vulnerability in Dream-Multimedia-Tv Enigma2 Webinterface Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter. | 5.0 |
2012-02-08 | CVE-2012-1024 | Path Traversal vulnerability in Dream-Multimedia-Tv Enigma2 Webinterface 1.5 Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-02-07 | CVE-2012-0991 | Path Traversal vulnerability in Openemr 4.1.0 Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. | 3.5 |
2012-02-03 | CVE-2011-4878 | Path Traversal vulnerability in Siemens products Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to read arbitrary files via a ..%5c (dot dot backslash) in a URI. | 7.8 |
2012-02-03 | CVE-2011-4876 | Path Traversal vulnerability in Siemens products Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute, read, create, modify, or delete arbitrary files via a .. | 9.3 |
2012-02-02 | CVE-2012-0981 | Path Traversal vulnerability in Kybernetika PHPshowtime 2.0 Directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. | 5.0 |
2012-01-20 | CVE-2012-0907 | Path Traversal vulnerability in Neoaxis web Player 1.1/1.2/1.3 Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and earlier allows user-assisted remote attackers to write arbitrary files via a .. | 5.8 |
2012-01-20 | CVE-2012-0898 | Path Traversal vulnerability in Camaleo Myeasybackup 1.0.8.1 Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-01-20 | CVE-2012-0896 | Path Traversal vulnerability in multiple products Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter. | 5.0 |