Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE | CVE | VULNERABILITY TITLE | RISK

2021-08-13 | CVE-2021-27402 | Path Traversal vulnerability in Mitel Micollab | Risk: 6.5
The SAS Admin portal of Mitel MiCollab before 9.2 FP2 could allow an unauthenticated attacker to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal.
Attack vector: network | Complexity: low | Vendor: mitel | CWE-22

2021-08-13 | CVE-2021-37343 | Path Traversal vulnerability in Nagios XI | Risk: 8.8
A path traversal vulnerability exists in the AutoDiscovery component of Nagios XI below version 5.8.5 and could lead to post-authentication RCE under the security context of the user running Nagios.
Attack vector: network | Complexity: low | Vendor: nagios | CWE-22

2021-08-13 | CVE-2021-37347 | Path Traversal vulnerability in Nagios XI | Risk: 7.8
Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument.
Attack vector: local | Complexity: low | Vendor: nagios | CWE-22

2021-08-12 | CVE-2021-31731 | Path Traversal vulnerability in Kitesky Kitecms 1.1.1 | Risk: 6.5
A directory traversal issue in KiteCMS 1.1.1 allows remote administrators to overwrite arbitrary files via ../ in the path parameter to index.php/admin/Template/fileedit, with PHP code in the html parameter.
Attack vector: network | Complexity: low | Vendor: kitesky | CWE-22

2021-08-10 | CVE-2020-23172 | Path Traversal vulnerability in Kuba Project Kuba | Risk: 5.5
A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives.
Attack vector: local | Complexity: low | Vendor: kuba-project | CWE-22

2021-08-10 | CVE-2021-37367 | Path Traversal vulnerability in Ctparental Project Ctparental | Risk: 7.8
CTparental before 4.45.07 is affected by a code execution vulnerability in the CTparental admin panel.
Attack vector: local | Complexity: low | Vendor: ctparental-project | CWE-22

2021-08-10 | CVE-2021-22674 | Path Traversal vulnerability in Advantech Webaccess/Scada | Risk: 6.5
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).
Attack vector: network | Complexity: low | Vendor: advantech | CWE-22

2021-08-10 | CVE-2021-21501 | Path Traversal vulnerability in Apache Servicecomb | Risk: 7.5
Improper configuration causes a directory traversal problem in ServiceComb ServiceCenter 1.x.x versions; it is fixed in 2.0.0.
Attack vector: network | Complexity: low | Vendor: apache | CWE-22

2021-08-09 | CVE-2015-2073 | Path Traversal vulnerability in SAP Businessobjects Edge 4.0 | Risk: 7.5
The File Repository Server (FRS) CORBA listener in SAP BusinessObjects Edge 4.0 allows remote attackers to read arbitrary files via a full pathname, aka SAP Note 2018682.
Attack vector: network | Complexity: low | Vendor: sap | CWE-22

2021-08-09 | CVE-2015-2074 | Path Traversal vulnerability in SAP Businessobjects Edge 4.0 | Risk: 7.5
The File Repository Server (FRS) CORBA listener in SAP BusinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681.
Attack vector: network | Complexity: low | Vendor: sap | CWE-22