Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2021-10-04 CVE-2021-21706 Path Traversal vulnerability in PHP
In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in a Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside the target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS permissions.
network
low complexity
php CWE-22
6.5
2021-10-01 CVE-2021-40960 Path Traversal vulnerability in Galera WebTemplate 1.0
Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow.
network
low complexity
galera CWE-22
critical
9.8
2021-10-01 CVE-2021-3709 Path Traversal vulnerability in Canonical Apport
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file.
local
low complexity
canonical CWE-22
5.5
2021-10-01 CVE-2021-3710 Path Traversal vulnerability in Canonical Apport
An information disclosure via path traversal was discovered in apport/hookutils.py function read_file().
local
low complexity
canonical CWE-22
5.5
2021-09-30 CVE-2021-41324 Path Traversal vulnerability in Pydio Cells 2.2.9
Directory traversal in the Copy, Move, and Delete features in Pydio Cells 2.2.9 allows remote authenticated users to enumerate personal files (or Cells files belonging to any user) via the nodes parameter (for Copy and Move) or via the Path parameter (for Delete).
network
low complexity
pydio CWE-22
6.5
2021-09-30 CVE-2021-41323 Path Traversal vulnerability in Pydio Cells 2.2.9
Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter.
network
low complexity
pydio CWE-22
6.5
2021-09-29 CVE-2021-40651 Path Traversal vulnerability in OS4Ed OpenSIS 8.0
OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary files from the server's filesystem as long as the application has access to them.
network
low complexity
os4ed CWE-22
6.5
2021-09-29 CVE-2021-35027 Path Traversal vulnerability in Zyxel ZyWALL VPN2S Firmware 1.12(Abln.0)C0
A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information.
network
low complexity
zyxel CWE-22
7.5
2021-09-28 CVE-2021-21569 Path Traversal vulnerability in Dell EMC NetWorker
Dell NetWorker versions 18.x and 19.x contain a path traversal vulnerability.
network
low complexity
dell CWE-22
4.9
2021-09-27 CVE-2021-20034 Path Traversal vulnerability in SonicWall products
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file, potentially resulting in a reboot to factory default settings.
network
low complexity
sonicwall CWE-22
critical
9.1