Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-10 | CVE-2020-23172 | Path Traversal vulnerability in Kuba Project Kuba A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives. | 5.5 |
2021-08-10 | CVE-2021-37367 | Path Traversal vulnerability in Ctparental Project Ctparental CTparental before 4.45.07 is affected by a code execution vulnerability in the CTparental admin panel. | 7.8 |
2021-08-10 | CVE-2021-22674 | Path Traversal vulnerability in Advantech Webaccess/Scada The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1). | 6.5 |
2021-08-10 | CVE-2021-21501 | Path Traversal vulnerability in Apache Servicecomb Improper configuration will cause a ServiceComb ServiceCenter Directory Traversal problem in ServiceCenter 1.x.x versions; it is fixed in 2.0.0. | 7.5 |
2021-08-09 | CVE-2015-2073 | Path Traversal vulnerability in SAP Businessobjects Edge 4.0 The File Repository Server (FRS) CORBA listener in SAP BusinessObjects Edge 4.0 allows remote attackers to read arbitrary files via a full pathname, aka SAP Note 2018682. | 7.5 |
2021-08-09 | CVE-2015-2074 | Path Traversal vulnerability in SAP Businessobjects Edge 4.0 The File Repository Server (FRS) CORBA listener in SAP BusinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681. | 7.5 |
2021-08-08 | CVE-2021-38197 | Path Traversal vulnerability in Go-Unarr Project Go-Unarr 0.1.1 unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive. | 9.8 |
2021-08-06 | CVE-2021-38136 | Path Traversal vulnerability in Corero Securewatch Managed Services 9.7.2.0020 Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snap_file parameter in the /it-IT/splunkd/__raw/services/get_snapshot HTTP API endpoint. | 6.5 |
2021-08-05 | CVE-2021-34638 | Path Traversal vulnerability in W3Eden Download Manager Authenticated Directory Traversal in WordPress Download Manager <= 3.1.24 allows authenticated (Contributor+) users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing configuration information or an uploaded JavaScript with an image extension. This issue affects: WordPress Download Manager version 3.1.24 and prior versions. | 6.5 |
2021-08-04 | CVE-2021-24010 | Path Traversal vulnerability in Fortinet Fortisandbox Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests. | 6.5 |