Security Vulnerabilities, CVEs, Published In September 2014 (Directory traversal)

CVE-2014-5465

Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Max CVSS
5.0
EPSS Score
7.50%
Published
2014-09-03
Updated
2014-09-03

CVE-2014-5393

Directory traversal vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission to read arbitrary files in the webroot via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.34%
Published
2014-09-11
Updated
2018-10-09

CVE-2014-5319

Directory traversal vulnerability in the S-Link SLFileManager application 1.2.5 and earlier for Android allows remote attackers to write to files via unspecified vectors.
Max CVSS
6.4
EPSS Score
0.32%
Published
2014-09-26
Updated
2015-07-29

CVE-2014-4384

Directory traversal vulnerability in the App Installation feature in Apple iOS before 8 allows local users to install unverified apps by triggering code-signature validation of an unintended bundle.
Max CVSS
1.9
EPSS Score
0.08%
Published
2014-09-18
Updated
2017-08-29
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close