Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE	CVE	VULNERABILITY TITLE	RISK
2009-09-25	CVE-2009-3425	Path Traversal vulnerability in Databay Maxcms 3.11.20B Directory traversal vulnerability in includes/inc.thcms_admin_dirtree.php in MaxCMS 3.11.20b allows remote attackers to read arbitrary files via directory traversal sequences in the thCMS_root parameter. network low complexity databay CWE-22	5.0
2009-09-24	CVE-2009-3366	Path Traversal vulnerability in Plohni AN Image Gallery 1.0 Directory traversal vulnerability in navigation.php in An image gallery 1.0 allows remote attackers to list arbitrary directories via a .. network low complexity plohni CWE-22	5.0
2009-09-23	CVE-2009-3318	Path Traversal vulnerability in Breedveld COM Album 1.14 Directory traversal vulnerability in the Roland Breedveld Album (com_album) component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. network low complexity joomla breedveld CWE-22	7.5
2009-09-22	CVE-2009-3284	Path Traversal vulnerability in PHPspot products Directory traversal vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to read arbitrary files via unspecified vectors. network low complexity phpspot CWE-22	5.0
2009-09-18	CVE-2009-3249	Path Traversal vulnerability in Vtiger CRM 5.0.4 Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. network low complexity vtiger CWE-22	7.5
2009-09-17	CVE-2008-7240	Path Traversal vulnerability in Linuxwebshop PHP User Base 1.3 Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter. network low complexity linuxwebshop CWE-22	7.5
2009-09-16	CVE-2009-3219	Path Traversal vulnerability in The-Ghost AR web Content Manager 2.1 Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. network the-ghost CWE-22	6.8
2009-09-16	CVE-2009-3216	Path Traversal vulnerability in Wiccle Iwiccle 1.01 Multiple directory traversal vulnerabilities in iWiccle 1.01, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. network wiccle CWE-22	4.3
2009-09-16	CVE-2009-3211	Path Traversal vulnerability in Dimofinf Infinity Script 2.0.5 Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. network dimofinf CWE-22	6.8
2009-09-11	CVE-2009-3181	Path Traversal vulnerability in Anantasoft Gazelle CMS 1.0 Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. network low complexity anantasoft CWE-22	5.0