Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE	CVE	VULNERABILITY TITLE	RISK
2007-03-06	CVE-2006-7112	Path Traversal vulnerability in Maxdev Mdpro Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and include arbitrary files via the PNSVlang cookie, as demonstrated by uploading a GIF image using AddDownload or injecting PHP code into a log file, then accessing it. network maxdev CWE-22	6.0
2007-03-02	CVE-2007-1152	Path Traversal vulnerability in Pyrophobia 2.1.3.1 Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. network low complexity pyrophobia CWE-22	5.0
2007-03-02	CVE-2007-1149	Path Traversal vulnerability in Lovecms 1.4 Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary files via a .. network low complexity lovecms CWE-22	5.0
2007-03-02	CVE-2007-1144	Path Traversal vulnerability in Comscripts J-Web Pics Navigator 1.0/2.0 Directory traversal vulnerability in jwpn-photos.php in J-Web Pics Navigator 2.0 allows remote attackers to list arbitrary directories via a .. network low complexity comscripts CWE-22	5.0
2007-03-02	CVE-2007-1143	Path Traversal vulnerability in Jeunes-Webmasters J-Web Pics Navigator 1.0 Directory traversal vulnerability in pn-menu.php in J-Web Pics Navigator 1.0 allows remote attackers to list arbitrary directories via a .. network low complexity jeunes-webmasters CWE-22	7.8
2007-03-02	CVE-2007-1140	Path Traversal vulnerability in Barekoncept Pheap Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a .. network low complexity barekoncept CWE-22 critical	9.4
2007-03-02	CVE-2007-1138	Path Traversal vulnerability in Cromosoft Simple Plantilla PHP Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter. network low complexity cromosoft CWE-22	5.0
2007-02-22	CVE-2007-1076	Path Traversal vulnerability in PHPtraffica 1.4.1 Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. network low complexity phptraffica CWE-22	7.5
2007-02-21	CVE-2007-1042	Path Traversal vulnerability in Xpression News Xpression News 1.0.1 Directory traversal vulnerability in news.php in Xpression News (X-News) 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files or obtain sensitive information via a .. network xpression-news CWE-22	5.8
2007-02-21	CVE-2007-1031	Path Traversal vulnerability in Spoonlabs Vivvo Article Management CMS 3.4 Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3.4 allows remote attackers to include and execute arbitrary local files via the root parameter. network spoonlabs CWE-22	6.8