Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-08-18 | CVE-2004-0175 | Path Traversal vulnerability in Openbsd Openssh Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. | 4.3 |
| 2004-08-04 | CVE-2004-1364 | Path Traversal vulnerability in Oracle products Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. | 8.5 |
| 2004-05-14 | CVE-2004-1354 | Path Traversal vulnerability in SUN Solaris and Sunos The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | 5.0 |
| 2004-05-03 | CVE-2004-1991 | Path Traversal vulnerability in Aldostools Aldo'S web Server 1.5 Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a .. | 5.0 |
| 2004-04-15 | CVE-2003-0593 | Path Traversal vulnerability in Opera Browser Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. | 7.5 |
| 2004-04-11 | CVE-2004-1927 | Path Traversal vulnerability in Tiki Tikiwiki Cms/Groupware 1.6.1/1.8.1 Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. | 5.0 |
| 2003-12-31 | CVE-2003-1545 | Path Traversal vulnerability in multiple products Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. | 5.0 |
| 2003-12-31 | CVE-2003-1542 | Path Traversal vulnerability in Ondrej Jombik PHPwebfilemanager Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2003-12-31 | CVE-2003-1537 | Path Traversal vulnerability in Postnuke Software Foundation Postnuke Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php. | 5.0 |
| 2003-12-31 | CVE-2003-1529 | Path Traversal vulnerability in Seagull Software Systems J Walk Application Server 3.2C9 Directory traversal vulnerability in Seagull Software Systems J Walk application server 3.2C9, and other versions before 3.3c4, allows remote attackers to read arbitrary files via a ".%252e" (encoded dot dot) in the URL. | 5.0 |