Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-12-08 | CVE-2011-4716 | Path Traversal vulnerability in Dream-Multimedia-Tv products Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter. | 5.0 |
2011-12-08 | CVE-2011-4715 | Path Traversal vulnerability in Koha and Liblime Koha Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 before 3.6.1, and LibLime Koha 4.2 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2011-12-08 | CVE-2011-4714 | Path Traversal vulnerability in Vvertex Muster Directory traversal vulnerability in Virtual Vertex Muster before 6.20 allows remote attackers to read arbitrary files via a \.. | 5.0 |
2011-12-08 | CVE-2011-4713 | Path Traversal vulnerability in Oscss Directory traversal vulnerability in catalog/content.php in osCSS2 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2011-12-08 | CVE-2011-4712 | Path Traversal vulnerability in Monoxide0184 Oxide Webserver Directory traversal vulnerability in Oxide WebServer allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request. | 5.0 |
2011-12-08 | CVE-2011-4711 | Path Traversal vulnerability in Namazu Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. | 5.0 |
2011-12-08 | CVE-2011-2653 | Path Traversal vulnerability in Novell Zenworks Asset Management 7.5 Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file. | 10.0 |
2011-12-05 | CVE-2011-4675 | Path Traversal vulnerability in Widelands The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 expands leading ~ (tilde) characters to home-directory pathnames but does not restrict use of these characters in strings received from the network, which might allow remote attackers to conduct absolute path traversal attacks and overwrite arbitrary files via a ~ in a pathname that is used for a file transfer in an Internet game, a different vulnerability than CVE-2011-1932. | 6.4 |
2011-12-05 | CVE-2011-4543 | Path Traversal vulnerability in Oscommerce 3.0.2 Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2011-12-05 | CVE-2011-1932 | Path Traversal vulnerability in Widelands Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers to overwrite arbitrary files via . | 6.4 |