CVE-2014-2210
CA ERwin Web Portal 9.5 (build date before 2014-03-20) contains multiple directory traversal vulnerabilities due to lack of authentication and insufficient input validation in components such as FileAccessServiceProvider, ProfileIconServlet, and ConfigServiceProvider (MIMM) across HTTP requests. ...