Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-18 | CVE-2020-18178 | Path Traversal vulnerability in Hongcms Project Hongcms 4.0.0 Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component "/hcms/admin/index.php/language/ajax." | 9.8 |
| 2021-05-12 | CVE-2021-32572 | Path Traversal vulnerability in Specotech web Viewer Speco Web Viewer through 2021-05-12 allows Directory Traversal via GET request for a URI with /.. | 7.5 |
| 2021-05-10 | CVE-2020-23575 | Path Traversal vulnerability in Kyocera D-Copia253Mf Plus Firmware A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus. | 7.5 |
| 2021-05-06 | CVE-2021-28149 | Path Traversal vulnerability in Hongdian H8922 Firmware 3.0.5 Hongdian H8922 3.0.5 devices allow Directory Traversal. | 6.5 |
| 2021-05-06 | CVE-2021-32062 | Path Traversal vulnerability in multiple products MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and 7.4.x before 7.4.5, and 7.5.x and 7.6.x before 7.6.3 does not properly enforce the MS_MAP_NO_PATH and MS_MAP_PATTERN restrictions that are intended to control the locations from which a mapfile may be loaded (with MapServer CGI). | 5.3 |
| 2021-05-05 | CVE-2021-29101 | Path Traversal vulnerability in Esri Arcgis Geoevent Server 10.8.1 ArcGIS GeoEvent Server versions 10.8.1 and below has a read-only directory path traversal vulnerability that could allow an unauthenticated, remote attacker to perform directory traversal attacks and read arbitrary files on the system. | 7.5 |
| 2021-05-05 | CVE-2020-4993 | Path Traversal vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 when decompressing or verifying signature of zip files processes data in a way that may be vulnerable to path traversal attacks. | 4.9 |
| 2021-05-05 | CVE-2021-29100 | Path Traversal vulnerability in Esri Arcgis Earth A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. | 7.8 |
| 2021-05-05 | CVE-2021-31542 | Path Traversal vulnerability in multiple products In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names. | 7.5 |
| 2021-05-05 | CVE-2021-29246 | Path Traversal vulnerability in Btcpayserver Btcpay Server BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. | 6.7 |