Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-24 | CVE-2021-23430 | Path Traversal vulnerability in Startserver Project Startserver All versions of package startserver are vulnerable to Directory Traversal due to missing sanitization. | 7.5 |
| 2021-08-20 | CVE-2020-18878 | Path Traversal vulnerability in Skycaiji 1.3 Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'. | 5.3 |
| 2021-08-18 | CVE-2020-23069 | Path Traversal vulnerability in Webtareas Project Webtareas 2.0 Path Traversal vulneraility exists in webTareas 2.0 via the extpath parameter in general_serv.php, which could let a malicious user read arbitrary files. | 6.5 |
| 2021-08-16 | CVE-2021-22933 | Path Traversal vulnerability in multiple products A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request. | 6.5 |
| 2021-08-16 | CVE-2021-38758 | Path Traversal vulnerability in Online Catering Reservation System Project Online Catering Reservation System 1.0 Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php. | 7.5 |
| 2021-08-16 | CVE-2021-23423 | Path Traversal vulnerability in Bikeshed Project Bikeshed This affects the package bikeshed before 3.0.0. | 7.5 |
| 2021-08-16 | CVE-2021-26086 | Path Traversal vulnerability in Atlassian Jira Data Center and Jira Server Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. | 5.3 |
| 2021-08-13 | CVE-2021-27402 | Path Traversal vulnerability in Mitel Micollab The SAS Admin portal of Mitel MiCollab before 9.2 FP2 could allow an unauthenticated attacker to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal. | 6.5 |
| 2021-08-13 | CVE-2021-37343 | Path Traversal vulnerability in Nagios XI A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component and could lead to post authenticated RCE under security context of the user running Nagios. | 8.8 |
| 2021-08-13 | CVE-2021-37347 | Path Traversal vulnerability in Nagios XI Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument. | 7.8 |