Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-08 | CVE-2007-4764 | Path Traversal vulnerability in Pawfaliki 0.5.1 Directory traversal vulnerability in pawfaliki.php in Pawfaliki 0.5.1 allows remote attackers to list arbitrary files via a .. | 5.0 |
| 2007-09-08 | CVE-2007-4756 | Path Traversal vulnerability in Ghisler Total Commander Directory traversal vulnerability in the FTP client in Total Commander before 7.02 allows remote FTP servers to create or overwrite arbitrary files via "..\" (dot dot backslash) sequences in a filename. | 6.8 |
| 2007-09-05 | CVE-2007-4726 | Path Traversal vulnerability in Weboddity 0.09B Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2007-09-05 | CVE-2007-4723 | Path Traversal vulnerability in Ragnarok Online Control Panel Project Ragnarok Online Control Panel 4.3.4A Directory traversal vulnerability in Ragnarok Online Control Panel 4.3.4a, when the Apache HTTP Server is used, allows remote attackers to bypass authentication via directory traversal sequences in a URI that ends with the name of a publicly available page, as demonstrated by a "/...../" sequence and an account_manage.php/login.php final component for reaching the protected account_manage.php page. | 7.5 |
| 2007-09-05 | CVE-2007-4718 | Path Traversal vulnerability in Claroline Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. | 5.1 |
| 2007-09-05 | CVE-2007-4471 | Path Traversal vulnerability in Intuit Quickbooks Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to create or overwrite arbitrary files via unspecified arguments to the (1) httpGETToFile, (2) httpPOSTFromFile, and possibly other methods, probably involving path traversal vulnerabilities in exposed dangerous methods. | 9.3 |
| 2007-09-04 | CVE-2007-4663 | Path Traversal vulnerability in PHP Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. | 7.5 |
| 2007-09-04 | CVE-2007-4655 | Path Traversal vulnerability in Cgi-Rescue Shopping Basket Professional Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi. | 5.0 |
| 2007-08-31 | CVE-2007-4641 | Path Traversal vulnerability in Pakupaku CMS Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 6.4 |
| 2007-08-30 | CVE-2007-4134 | Path Traversal vulnerability in Redhat Fedora 7 Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. | 6.8 |