Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-12-23 | CVE-2011-4596 | Path Traversal vulnerability in Openstack Nova 2011.3 Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest. | 6.0 |
2011-12-20 | CVE-2011-4717 | Path Traversal vulnerability in Zftpserver Suite 6.0.0.52 Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command. | 5.5 |
2011-12-15 | CVE-2011-4835 | Path Traversal vulnerability in Homeseer HS2 2.5.0.20 Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors. | 7.5 |
2011-12-15 | CVE-2011-4832 | Path Traversal vulnerability in Caupo Cauposhop Classic and Cauposhop PRO Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a .. | 7.5 |
2011-12-15 | CVE-2011-4831 | Path Traversal vulnerability in David Azoulay web File Browser 0.4B14 Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action. | 4.0 |
2011-12-14 | CVE-2011-4813 | Path Traversal vulnerability in Whmcs Whmcompletesolution 3.0.0 Directory traversal vulnerability in clientarea.php in WHMCompleteSolution (WHMCS) 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ (dot dot slash) in the templatefile parameter. | 5.0 |
2011-12-14 | CVE-2011-4810 | Path Traversal vulnerability in Whmcs Whmcompletesolution Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php. | 5.0 |
2011-12-14 | CVE-2011-4807 | Path Traversal vulnerability in PHPalbum Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2011-12-14 | CVE-2011-4804 | Path Traversal vulnerability in Foobla COM Obsuggest Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2011-12-14 | CVE-2011-4800 | Path Traversal vulnerability in Solarwinds Serv-U File Server Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands. | 9.0 |