Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2009-08-24 CVE-2008-7054 Path Traversal vulnerability in Visualshapers Ezcontents 2.0.3
Multiple directory traversal vulnerabilities in ezContents 2.0.3 allow remote attackers to include and execute arbitrary local files via the (1) gsLanguage and (2) language_home parameters to modules/diary/showdiary.php; (3) admin_home, (4) gsLanguage, and (5) language_home parameters to modules/diary/showdiarydetail.php; (6) gsLanguage and (7) language_home parameters to modules/diary/submit_diary.php; (8) admin_home parameter to modules/news/news_summary.php; (9) nLink, (10) gsLanguage, and (11) language_home parameters to modules/news/inlinenews.php; and possibly other unspecified vectors in (12) diary/showeventlist.php, (13) gallery/showgallery.php, (14) reviews/showreviews.php, (15) gallery/showgallerydetails.php, (16) reviews/showreviewsdetails.php, (17) news/shownewsdetails.php, (18) gallery/submit_gallery.php, (19) guestbook/submit_guestbook.php, (20) reviews/submit_reviews.php, (21) news/submit_news.php, (22) diary/inlineeventlist.php, and (23) news/archivednews_summary.php in modules/, related to the lack of directory traversal protection in modules/moduleSec.php.
network | high complexity | visualshapers CWE-22 | 5.1

2009-08-21 CVE-2009-2931 Path Traversal vulnerability in Slideshowpro Director
Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter.
network | low complexity | slideshowpro CWE-22 | 7.8

2009-08-21 CVE-2009-2925 Path Traversal vulnerability in Djcalendar
Directory traversal vulnerability in DJcalendar.cgi in DJCalendar allows remote attackers to read arbitrary files via a ..
network | low complexity | djcalendar CWE-22 | 7.8

2009-08-21 CVE-2009-2923 Path Traversal vulnerability in Bitmixsoft PHP-Lance 1.52
Multiple directory traversal vulnerabilities in BitmixSoft PHP-Lance 1.52 allow remote attackers to read arbitrary files via a ..
network | low complexity | bitmixsoft CWE-22 | 5.0

2009-08-18 CVE-2009-1873 Path Traversal vulnerability in Adobe Jrun 4.0
Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a ..
network | low complexity | adobe CWE-22 | 4.0

2009-08-17 CVE-2009-2792 Path Traversal vulnerability in Joshua Oliver Really Simple CMS 0.3A
Directory traversal vulnerability in plugings/pagecontent.php in Really Simple CMS (RSCMS) 0.3a allows remote attackers to include and execute arbitrary local files via a ..
network | low complexity | joshua-oliver CWE-22 | 7.5

2009-08-17 CVE-2009-2787 Path Traversal vulnerability in Reputation 2.0.4/2.2.3
Directory traversal vulnerability in include/reputation/rep_profile.php in the Reputation plugin 2.2.4, 2.2.3, 2.0.4, and earlier for PunBB, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..
6.8

2009-08-17 CVE-2009-2784 Path Traversal vulnerability in Ditcms Dit.Cms 1.3
Multiple directory traversal vulnerabilities in dit.cms 1.3, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a ..
network | ditcms CWE-22 | critical | 9.3

2009-08-11 CVE-2008-6933 Path Traversal vulnerability in Minigal B13
Directory traversal vulnerability in index.php in MiniGal b13 (aka MG2) allows remote attackers to read the source code of .php files, and possibly the content of other files, via a ..
network | low complexity | minigal CWE-22 | 5.0

2009-08-10 CVE-2008-6926 Path Traversal vulnerability in Netenberg Fantastico DE Luxe
Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action.
6.8