Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-03-20 | CVE-2012-0403 | Path Traversal vulnerability in RSA Envision 4.0/4.1 Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified impact via unknown vectors. | 6.3 |
2012-03-19 | CVE-2012-1790 | Path Traversal vulnerability in Webgrind Project Webgrind 1.0 Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php. | 5.0 |
2012-03-19 | CVE-2010-5086 | Path Traversal vulnerability in Bitweaver 2.7/2.8.1 Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-03-19 | CVE-2009-5114 | Path Traversal vulnerability in Iwork Webglimpse Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-03-15 | CVE-2012-0232 | Path Traversal vulnerability in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6/3.0/3.5 Directory traversal vulnerability in rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6, 3.0, 3.0 SP1, and 3.5 allows remote attackers to modify the configuration via crafted strings. | 6.4 |
2012-03-03 | CVE-2012-1497 | Path Traversal vulnerability in Movabletype products The default configuration of Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 supports the "mt:Include file=" attribute, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files by leveraging the template-designer role. | 4.0 |
2012-02-25 | CVE-2012-0365 | Path Traversal vulnerability in Cisco products Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009. | 9.0 |
2012-02-24 | CVE-2012-1207 | Path Traversal vulnerability in Fork-Cms Fork CMS 3.2.4 Directory traversal vulnerability in frontend/core/engine/javascript.php in Fork CMS 3.2.4 and possibly other versions before 3.2.5 allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-02-24 | CVE-2012-0998 | Path Traversal vulnerability in Lepton-Cms Lepton Directory traversal vulnerability in account/preferences.php in LEPTON before 1.1.4 allows remote attackers to include and execute arbitrary files via a .. | 7.5 |
2012-02-24 | CVE-2012-0996 | Path Traversal vulnerability in 11In1 1.2.1 Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. | 5.0 |