Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-09-26 | CVE-2007-5103 | Path Traversal vulnerability in Wordsmith 1.0Rc1 Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2007-09-26 | CVE-2007-5092 | Path Traversal vulnerability in Multimedia Dance Music Module FOR PHPnuke Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2007-09-24 | CVE-2007-5069 | Path Traversal vulnerability in Massimo Chioni Mobile Entertainment Module 1 Directory traversal vulnerability in data/compatible.php in the Nuke Mobile Entertainment 1 addon for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2007-09-24 | CVE-2007-5055 | Path Traversal vulnerability in Izicontents Multiple directory traversal vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2007-09-24 | CVE-2007-5050 | Path Traversal vulnerability in Neuron News Neuron News 1.0 Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2007-09-20 | CVE-2007-5017 | Path Traversal vulnerability in Yahoo Messenger 8.1.0.421 Absolute path traversal vulnerability in a certain ActiveX control in the CYFT object in ft60.dll in Yahoo! Messenger 8.1.0.421 allows remote attackers to force a download, and create or overwrite arbitrary files via a full pathname in the second argument to the GetFile method. | 5.0 |
2007-09-19 | CVE-2007-4983 | Path Traversal vulnerability in Cowon America Jetaudio 7.0.3.3016/7.0.3Basic Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. | 10.0 |
2007-09-19 | CVE-2007-4982 | Path Traversal vulnerability in MW6 Technologies Qrcode Activex Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. | 10.0 |
2007-09-19 | CVE-2007-4976 | Path Traversal vulnerability in Coppermine Photo Gallery Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. | 6.5 |
2007-09-18 | CVE-2007-4962 | Path Traversal vulnerability in Winimage 8.0/8.10 Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. | 9.3 |