Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2020-17564 | Path Traversal vulnerability in Feifeicms 4.0 Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the " Admin/DataAction.class.php" component. | 9.1 |
| 2021-04-22 | CVE-2020-17563 | Path Traversal vulnerability in Feifeicms 4.0 Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to " /index.php?s=/admin-tpl-del&id=". | 9.1 |
| 2021-04-22 | CVE-2020-7861 | Path Traversal vulnerability in Anysupport AnySupport (Remote support solution) before 2019.3.21.0 allows directory traversing because of swprintf function to copy file from a management PC to a client PC. | 9.8 |
| 2021-04-22 | CVE-2020-7858 | Path Traversal vulnerability in Cdnetworks Aquanplayer 2.0.0.92 There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. | 8.6 |
| 2021-04-22 | CVE-2021-29466 | Path Traversal vulnerability in Discord Discord-Recon 0.0.1/0.0.2/0.0.3 Discord-Recon is a bot for the Discord chat service. | 7.5 |
| 2021-04-20 | CVE-2021-20023 | Path Traversal vulnerability in Sonicwall Email Security and Hosted Email Security SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host. | 4.9 |
| 2021-04-19 | CVE-2021-27030 | Path Traversal vulnerability in Autodesk FBX Review 1.4.0/1.4.1.0/1.5.0 A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX’s Review causing it to run arbitrary code on the system. | 7.8 |
| 2021-04-13 | CVE-2021-29425 | Path Traversal vulnerability in multiple products In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. | 4.8 |
| 2021-04-12 | CVE-2021-22190 | Path Traversal vulnerability in Gitlab A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token | 6.5 |
| 2021-04-07 | CVE-2020-24137 | Path Traversal vulnerability in Wcms 0.3.2 Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the path parameter to wex/cssjs.php. | 5.3 |