Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-27 | CVE-2021-40153 | Path Traversal vulnerability in multiple products squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. | 8.1 |
| 2021-08-25 | CVE-2020-19547 | Path Traversal vulnerability in Popojicms 2.0.1 Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id parameter in admin.php. | 6.5 |
| 2021-08-24 | CVE-2021-38612 | Path Traversal vulnerability in Nascent Remkon Device Manager 4.0.0.0 In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL. | 7.5 |
| 2021-08-24 | CVE-2021-23430 | Path Traversal vulnerability in Startserver Project Startserver All versions of package startserver are vulnerable to Directory Traversal due to missing sanitization. | 7.5 |
| 2021-08-20 | CVE-2020-18878 | Path Traversal vulnerability in Skycaiji 1.3 Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'. | 5.3 |
| 2021-08-18 | CVE-2020-23069 | Path Traversal vulnerability in Webtareas Project Webtareas 2.0 Path Traversal vulneraility exists in webTareas 2.0 via the extpath parameter in general_serv.php, which could let a malicious user read arbitrary files. | 6.5 |
| 2021-08-16 | CVE-2021-22933 | Path Traversal vulnerability in multiple products A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a maliciously crafted web request. | 6.5 |
| 2021-08-16 | CVE-2021-38758 | Path Traversal vulnerability in Online Catering Reservation System Project Online Catering Reservation System 1.0 Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php. | 7.5 |
| 2021-08-16 | CVE-2021-23423 | Path Traversal vulnerability in Bikeshed Project Bikeshed This affects the package bikeshed before 3.0.0. | 7.5 |
| 2021-08-16 | CVE-2021-26086 | Path Traversal vulnerability in Atlassian Jira Data Center and Jira Server Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. | 5.3 |