Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-25 | CVE-2009-3425 | Path Traversal vulnerability in Databay Maxcms 3.11.20B Directory traversal vulnerability in includes/inc.thcms_admin_dirtree.php in MaxCMS 3.11.20b allows remote attackers to read arbitrary files via directory traversal sequences in the thCMS_root parameter. | 5.0 |
2009-09-24 | CVE-2009-3366 | Path Traversal vulnerability in Plohni AN Image Gallery 1.0 Directory traversal vulnerability in navigation.php in An image gallery 1.0 allows remote attackers to list arbitrary directories via a .. | 5.0 |
2009-09-23 | CVE-2009-3318 | Path Traversal vulnerability in Breedveld COM Album 1.14 Directory traversal vulnerability in the Roland Breedveld Album (com_album) component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. | 7.5 |
2009-09-22 | CVE-2009-3284 | Path Traversal vulnerability in PHPspot products Directory traversal vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2009-09-18 | CVE-2009-3249 | Path Traversal vulnerability in Vtiger CRM 5.0.4 Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-09-17 | CVE-2008-7240 | Path Traversal vulnerability in Linuxwebshop PHP User Base 1.3 Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter. | 7.5 |
2009-09-16 | CVE-2009-3219 | Path Traversal vulnerability in The-Ghost AR web Content Manager 2.1 Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2009-09-16 | CVE-2009-3216 | Path Traversal vulnerability in Wiccle Iwiccle 1.01 Multiple directory traversal vulnerabilities in iWiccle 1.01, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. | 4.3 |
2009-09-16 | CVE-2009-3211 | Path Traversal vulnerability in Dimofinf Infinity Script 2.0.5 Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. | 6.8 |
2009-09-11 | CVE-2009-3181 | Path Traversal vulnerability in Anantasoft Gazelle CMS 1.0 Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. | 5.0 |