Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2021-06-16 CVE-2020-22200 Path Traversal vulnerability in PHPcms 9.1.13
Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword.
network
low complexity
phpcms CWE-22
5.0
2021-06-16 CVE-2020-35762 Path Traversal vulnerability in Bloofox Bloofoxcms 0.5.2.1
bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows attackers to read local files.
network
low complexity
bloofox CWE-22
4.0
2021-06-11 CVE-2021-22762 Path Traversal vulnerability in Schneider-Electric Interactive Graphical Scada System
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in remote code execution, when a malicious CGF or WSP file is being parsed by IGSS Definition.
6.8
2021-06-10 CVE-2021-34363 Path Traversal vulnerability in the Fuck Project the Fuck
The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature.
network
low complexity
the-fuck-project CWE-22
6.4
2021-06-09 CVE-2021-0097 Path Traversal vulnerability in Intel EFI Bios 7215
Path traversal in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.
low complexity
intel CWE-22
3.3
2021-06-08 CVE-2021-32674 Zope is an open-source web application server. 0.0
2021-06-07 CVE-2021-33896 Path Traversal vulnerability in multiple products
Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators.
network
low complexity
dino fedoraproject CWE-22
5.0
2021-06-07 CVE-2021-20517 Path Traversal vulnerability in IBM Websphere Application Server ND
IBM WebSphere Application Server Network Deployment 8.5 and 9.0 could allow a remote authenticated attacker to traverse directories.
network
low complexity
ibm CWE-22
6.5
2021-06-04 CVE-2020-36142 Path Traversal vulnerability in Bloofox Bloofoxcms 0.5.2.1
BloofoxCMS 0.5.2.1 allows Directory traversal vulnerability by inserting '../' payloads within the 'fileurl' parameter.
network
low complexity
bloofox CWE-22
4.0
2021-06-03 CVE-2021-32662 Path Traversal vulnerability in Backstage
Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs.
network
backstage CWE-22
3.5