Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-08 | CVE-2021-38197 | Path Traversal vulnerability in Go-Unarr Project Go-Unarr 0.1.1 unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive. | 9.8 |
| 2021-08-06 | CVE-2021-38136 | Path Traversal vulnerability in Corero Securewatch Managed Services 9.7.2.0020 Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snap_file parameter in the /it-IT/splunkd/__raw/services/get_snapshot HTTP API endpoint. | 6.5 |
| 2021-08-05 | CVE-2021-34638 | Path Traversal vulnerability in Wpdownloadmanager Wordpress Download Manager Authenticated Directory Traversal in WordPress Download Manager <= 3.1.24 allows authenticated (Contributor+) users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing configuration information or an uploaded JavaScript with an image extension This issue affects: WordPress Download Manager version 3.1.24 and prior versions. | 6.5 |
| 2021-08-04 | CVE-2021-24010 | Path Traversal vulnerability in Fortinet Fortisandbox Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access to files and data via specifially crafted web requests. | 6.5 |
| 2021-08-04 | CVE-2021-36168 | Path Traversal vulnerability in Fortinet Fortiportal A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.x before 5.3.6 and any FortiPortal before 6.2.5 allows authenticated attacker to disclosure information via crafted GET request with malicious parameter values. | 6.5 |
| 2021-08-04 | CVE-2021-35397 | Path Traversal vulnerability in Drogon A path traversal vulnerability in the static router for Drogon from 1.0.0-beta14 to 1.6.0 could allow an unauthenticated, remote attacker to arbitrarily read files. | 7.5 |
| 2021-08-03 | CVE-2020-19304 | Path Traversal vulnerability in Metinfo 7.0.0 An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows attackers to perform a directory traversal and access sensitive information. | 7.5 |
| 2021-08-03 | CVE-2020-19305 | Path Traversal vulnerability in Metinfo 7.0.0 An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the column is deleted, allowing attackers to escalate privileges. | 9.8 |
| 2021-08-03 | CVE-2021-32016 | Path Traversal vulnerability in Jump-Technology Asset Management 3.6.0.04.0092487 An issue was discovered in JUMP AMS 3.6.0.04.009-2487. | 8.8 |
| 2021-08-03 | CVE-2021-32018 | Path Traversal vulnerability in Jump-Technology Asset Management 3.6.0.04.0092487 An issue was discovered in JUMP AMS 3.6.0.04.009-2487. | 6.5 |