Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-24 | CVE-2008-6265 | Path Traversal vulnerability in Cyberfolio Directory traversal vulnerability in portfolio/css.php in Cyberfolio 7.12.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2009-02-24 | CVE-2008-6253 | Path Traversal vulnerability in Pluck-Cms Pluck 4.5.3 Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the g_pcltar_lib_dir parameter. | 6.8 |
2009-02-22 | CVE-2009-0680 | Path Traversal vulnerability in Netgear Ssl312 cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences. | 7.8 |
2009-02-20 | CVE-2008-6224 | Path Traversal vulnerability in Samelinux WAY of the Warrior Directory traversal vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier allows remote attackers to read arbitrary files via a .. | 7.5 |
2009-02-20 | CVE-2008-6222 | Path Traversal vulnerability in Joomlashowroom PRO Desk Support Center 1.0/1.2 Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2009-02-20 | CVE-2009-0640 | Path Traversal vulnerability in Swannsecurity Dvr4-Securanet Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows remote attackers to read arbitrary files via a .. | 5.0 |
2009-02-20 | CVE-2008-6201 | Path Traversal vulnerability in Kwsphp 1.3.456 Directory traversal vulnerability in help.php in the eskuel module in KwsPHP 1.3.456, as available before 20080416, allows remote attackers to execute arbitrary commands via the action parameter. | 6.8 |
2009-02-20 | CVE-2008-6195 | Path Traversal vulnerability in Landesk Management Suite 8.7/8.8 Directory traversal vulnerability in the PXE TFTP Service (PXEMTFTP.exe) in LANDesk Management Suite (LDMS) 8.80.1.1 and earlier allows remote attackers to read arbitrary files via a subdirectory name followed by ".." sequences, a different vulnerability than CVE-2008-1643. | 7.8 |
2009-02-19 | CVE-2008-6183 | Path Traversal vulnerability in Myphpindexer MY PHP Indexer 1.0 Multiple directory traversal vulnerabilities in index.php in My PHP Indexer 1.0 allow remote attackers to read arbitrary files via a .. | 7.8 |
2009-02-19 | CVE-2008-6177 | Path Traversal vulnerability in Publicwarehouse Lightblog 9.8 Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. | 6.8 |