Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-01-12 | CVE-2008-5894 | Path Traversal vulnerability in Mediatheka 4.2 Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2009-01-12 | CVE-2008-5883 | Path Traversal vulnerability in Mini-Pub 0.1/0.1.1/0.1.2 Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter. | 7.8 |
2009-01-09 | CVE-2009-0113 | Path Traversal vulnerability in Joomla Xstandard Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. | 5.0 |
2009-01-09 | CVE-2008-5881 | Path Traversal vulnerability in Playsms 0.9.3 Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to plugin/themes/default/init.php. | 7.5 |
2009-01-08 | CVE-2008-5878 | Path Traversal vulnerability in PHPclanwebsite Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. | 5.1 |
2009-01-07 | CVE-2008-5867 | Path Traversal vulnerability in Yerba 6.3 Directory traversal vulnerability in Yerba SACphp 6.3 allows remote attackers to read arbitrary files, and possibly have other impact, via directory traversal sequences in the mod field contained in the base64-encoded SID parameter to an unspecified component. | 5.0 |
2009-01-06 | CVE-2008-5862 | Path Traversal vulnerability in Webcamxp 5.3.2.375/5.3.2.410 Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI. | 5.0 |
2009-01-06 | CVE-2008-5861 | Path Traversal vulnerability in Freelyrics 1.0 Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read arbitrary files via directory traversal sequences in the p parameter. | 5.0 |
2009-01-06 | CVE-2008-5860 | Path Traversal vulnerability in Constructr Constructr-Cms Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the edit_file parameter. | 5.1 |
2009-01-06 | CVE-2008-5856 | Path Traversal vulnerability in Class Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter. | 5.0 |