Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2717 | Path Traversal vulnerability in PHP Heaven PHPmychat 0.14.5 Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. | 2.6 |
2004-12-31 | CVE-2004-2686 | Path Traversal vulnerability in SUN Solaris and Sunos Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. | 7.2 |
2004-12-31 | CVE-2004-1444 | Path Traversal vulnerability in Roundup-Tracker Roundup Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. | 5.0 |
2004-11-23 | CVE-2004-0273 | Path Traversal vulnerability in Realnetworks products Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. | 9.3 |
2004-11-03 | CVE-2004-0847 | Path Traversal vulnerability in Microsoft Asp.Net 1.0/1.1 The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Validation Vulnerability." | 7.5 |
2004-08-18 | CVE-2004-0175 | Path Traversal vulnerability in Openbsd Openssh Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. | 4.3 |
2004-08-04 | CVE-2004-1364 | Path Traversal vulnerability in Oracle products Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. | 8.5 |
2004-05-14 | CVE-2004-1354 | Path Traversal vulnerability in SUN Solaris and Sunos The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | 5.0 |
2004-05-03 | CVE-2004-1991 | Path Traversal vulnerability in Aldostools Aldo'S web Server 1.5 Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a .. | 5.0 |
2004-04-15 | CVE-2003-0593 | Path Traversal vulnerability in Opera Browser Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. | 7.5 |