Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-07 | CVE-2020-24144 | Path Traversal vulnerability in Media File Organizer Project Media File Organizer 1.0.1 Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items[] parameter in a move operation. | 8.6 |
| 2021-07-07 | CVE-2020-24146 | Path Traversal vulnerability in Cminds CM Download Manager 2.7.0 Directory traversal in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows authorized users to delete arbitrary files and possibly cause a denial of service via the fileName parameter in a deletescreenshot action. | 8.1 |
| 2021-07-07 | CVE-2021-32507 | Path Traversal vulnerability in Qsan Storage Manager Absolute Path Traversal vulnerability in FileDownload in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. | 6.5 |
| 2021-06-30 | CVE-2021-35958 | Path Traversal vulnerability in Google Tensorflow TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extract=True. | 9.1 |
| 2021-06-28 | CVE-2020-23715 | Path Traversal vulnerability in Webport CMS Project Webport CMS 1.19.10.17121 Directory Traversal vulnerability in Webport CMS 1.19.10.17121 via the file parameter to file/download. | 8.6 |
| 2021-06-28 | CVE-2021-29157 | Path Traversal vulnerability in multiple products Dovecot before 2.3.15 allows ../ Path Traversal. | 5.5 |
| 2021-06-24 | CVE-2020-18665 | Path Traversal vulnerability in Webport web Port Directory Traversal vulnerability in WebPort <=1.19.1 in tags of system settings. | 5.3 |
| 2021-06-18 | CVE-2021-31272 | Path Traversal vulnerability in Serenityos 20191230/20210127/20210327 SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation. | 9.8 |
| 2021-06-18 | CVE-2021-32954 | Path Traversal vulnerability in Advantech Webaccess/Scada Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an attacker to remotely read arbitrary files on the file system. | 6.5 |
| 2021-06-18 | CVE-2021-33576 | Path Traversal vulnerability in Cleo Lexicom 5.5.0.0 An issue was discovered in Cleo LexiCom 5.5.0.0. | 9.8 |