Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE	CVE	VULNERABILITY TITLE	RISK
2009-02-26	CVE-2009-0615	Path Traversal vulnerability in Cisco products Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions." network low complexity cisco CWE-22 critical	9.0
2009-02-26	CVE-2008-6290	Path Traversal vulnerability in Niclor Include Sito Directory traversal vulnerability in includefile.php in nicLOR Sito, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. network niclor CWE-22	6.8
2009-02-25	CVE-2008-6288	Path Traversal vulnerability in Interface-Medien Ibase 2.0 Directory traversal vulnerability in download.php in Interface Medien ibase 2.03 and earlier allows remote attackers to read arbitrary files via a .. network low complexity interface-medien CWE-22	7.8
2009-02-25	CVE-2009-0735	Path Traversal vulnerability in Papoo 3.6 Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read and possibly execute arbitrary files via a .. network high complexity papoo CWE-22	5.1
2009-02-25	CVE-2008-6273	Path Traversal vulnerability in Myktools 3.0 Directory traversal vulnerability in configuration_script.php in MyKtools 3.0 allows remote authenticated administrators to include and execute arbitrary local files via a .. network myktools CWE-22	6.0
2009-02-25	CVE-2008-6271	Path Traversal vulnerability in Tbmnet Tbmnetcms 1.0 Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. network tbmnet CWE-22	6.8
2009-02-24	CVE-2009-0731	Path Traversal vulnerability in Freearcadescript Free Arcade Script 1.0 Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. network freearcadescript CWE-22 critical	9.3
2009-02-24	CVE-2009-0729	Path Traversal vulnerability in Lingx Page Engine CMS 2.0 Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. network lingx CWE-22	6.8
2009-02-24	CVE-2009-0722	Path Traversal vulnerability in Potato-Scripts Potato News 1.0.0 Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote attackers to include and execute arbitrary files via a .. network low complexity potato-scripts CWE-22	7.5
2009-02-24	CVE-2008-6265	Path Traversal vulnerability in Cyberfolio Directory traversal vulnerability in portfolio/css.php in Cyberfolio 7.12.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. network cyberfolio CWE-22	6.8