Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-12 | CVE-2021-24013 | Path Traversal vulnerability in Fortinet Fortimail Multiple Path traversal vulnerabilities in the Webmail of FortiMail before 6.4.4 may allow a regular user to obtain unauthorized access to files and data via specifically crafted web requests. | 6.5 |
| 2021-07-07 | CVE-2021-33215 | Path Traversal vulnerability in Commscope Ruckus IOT Controller 1.7.1.0 An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 4.3 |
| 2021-07-07 | CVE-2020-24143 | Path Traversal vulnerability in Ninjateam Video Downloader for Tiktok 1.3 Directory traversal in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker get access to files that are stored outside the web root folder via the njt-tk-download-video parameter. | 7.5 |
| 2021-07-07 | CVE-2020-24144 | Path Traversal vulnerability in Media File Organizer Project Media File Organizer 1.0.1 Directory traversal in the Media File Organizer (aka media-file-organizer) plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items[] parameter in a move operation. | 8.6 |
| 2021-07-07 | CVE-2020-24146 | Path Traversal vulnerability in Cminds CM Download Manager 2.7.0 Directory traversal in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows authorized users to delete arbitrary files and possibly cause a denial of service via the fileName parameter in a deletescreenshot action. | 8.1 |
| 2021-07-07 | CVE-2021-32507 | Path Traversal vulnerability in Qsan Storage Manager Absolute Path Traversal vulnerability in FileDownload in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. | 6.5 |
| 2021-06-30 | CVE-2021-35958 | Path Traversal vulnerability in Google Tensorflow TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extract=True. | 9.1 |
| 2021-06-28 | CVE-2020-23715 | Path Traversal vulnerability in Webport CMS Project Webport CMS 1.19.10.17121 Directory Traversal vulnerability in Webport CMS 1.19.10.17121 via the file parameter to file/download. | 8.6 |
| 2021-06-28 | CVE-2021-29157 | Path Traversal vulnerability in multiple products Dovecot before 2.3.15 allows ../ Path Traversal. | 5.5 |
| 2021-06-24 | CVE-2020-18665 | Path Traversal vulnerability in Webport web Port Directory Traversal vulnerability in WebPort <=1.19.1 in tags of system settings. | 5.3 |