Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-29 | CVE-2007-4585 | Path Traversal vulnerability in 2532Gigs 1.2.1 Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2007-08-29 | CVE-2007-4583 | Path Traversal vulnerability in Acti Network Video Recorder Sp22.0 Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or (2) delete arbitrary files via a full pathname in the argument to the DeleteXMLFile method. | 5.0 |
2007-08-29 | CVE-2007-4220 | Path Traversal vulnerability in Motorola Timbuktu 8.6.3.1367 Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. | 7.8 |
2007-08-28 | CVE-2007-3846 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ (dot dot backslash) sequence in the filename, as stored in the file repository. | 6.0 |
2007-08-27 | CVE-2007-4545 | Path Traversal vulnerability in X-Diesel Unreal Commander 0.92Build565/0.92Build573 Multiple directory traversal vulnerabilities in Unreal Commander 0.92 build 565 and 573 allow user-assisted remote attackers to create or overwrite arbitrary files via a .. | 6.8 |
2007-08-21 | CVE-2007-4457 | Path Traversal vulnerability in Florian Mahieu Dalai Forum 1.1 Directory traversal vulnerability in forumreply.php in Dalai Forum 1.1 allows remote attackers to include and execute arbitrary local files via a .. | 6.4 |
2007-08-18 | CVE-2007-4420 | Path Traversal vulnerability in Edraw Office Viewer Component 5.1 Absolute path traversal vulnerability in a certain ActiveX control in officeviewer.ocx 5.1.199.1 in EDraw Office Viewer Component 5.1 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the HttpDownloadFile method, a different vulnerability than CVE-2007-3168 and CVE-2007-3169. | 9.3 |
2007-08-18 | CVE-2007-4271 | Path Traversal vulnerability in IBM DB2 Universal Database Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. | 2.1 |
2007-07-30 | CVE-2007-4062 | Path Traversal vulnerability in Nessus vulnerability Scanner 3.0.6 The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via unspecified vectors involving the deleteNessusRC method, probably a directory traversal vulnerability. | 7.8 |
2007-07-30 | CVE-2007-4058 | Path Traversal vulnerability in EMC VMWare 6.0.0 Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method. | 4.3 |