Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-30 | CVE-2021-41323 | Path Traversal vulnerability in Pydio Cells 2.2.9 Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter. | 6.5 |
| 2021-09-29 | CVE-2021-40651 | Path Traversal vulnerability in Os4Ed Opensis 8.0 OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file. | 6.5 |
| 2021-09-29 | CVE-2021-35027 | Path Traversal vulnerability in Zyxel Zywall Vpn2S Firmware 1.12(Abln.0)C0 A directory traversal vulnerability in the web server of the Zyxel VPN2S firmware version 1.12 could allow a remote attacker to gain access to sensitive information. | 7.5 |
| 2021-09-28 | CVE-2021-21569 | Path Traversal vulnerability in Dell EMC Networker Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. | 4.9 |
| 2021-09-27 | CVE-2021-20034 | Path Traversal vulnerability in Sonicwall products An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. | 9.1 |
| 2021-09-27 | CVE-2021-40097 | Path Traversal vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 8.8 |
| 2021-09-27 | CVE-2021-40098 | Path Traversal vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 9.8 |
| 2021-09-27 | CVE-2021-40103 | Path Traversal vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 7.5 |
| 2021-09-27 | CVE-2021-40349 | Path Traversal vulnerability in Speed Test Project Speed Test 0.5.3 e7d Speed Test (aka speedtest) 0.5.3 allows a path-traversal attack that results in information disclosure via the "GET /.." substring. | 5.3 |
| 2021-09-24 | CVE-2021-22868 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. | 4.3 |