Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-19 | CVE-2020-9050 | Path Traversal vulnerability in Johnsoncontrols Metasys Reporting Engine 2.0/2.1 Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system. | 7.5 |
| 2021-02-18 | CVE-2021-23340 | Path Traversal vulnerability in Pimcore This affects the package pimcore/pimcore before 6.8.8. | 7.1 |
| 2021-02-18 | CVE-2021-20354 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. | 7.5 |
| 2021-02-17 | CVE-2021-27367 | Path Traversal vulnerability in Boltcms Bolt Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal. | 7.5 |
| 2021-02-17 | CVE-2020-13550 | Path Traversal vulnerability in Advantech Webaccess/Scada 9.0.1 A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. | 7.7 |
| 2021-02-17 | CVE-2021-22857 | Path Traversal vulnerability in Changjia Property Management System Project Changjia Property Management System 1.00 The CGE page with download function contains a Directory Traversal vulnerability. | 7.5 |
| 2021-02-16 | CVE-2021-20072 | Path Traversal vulnerability in Racom M!Dge Firmware 4.4.40.105 Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral. | 7.2 |
| 2021-02-15 | CVE-2020-28337 | Path Traversal vulnerability in Microweber A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. | 7.2 |
| 2021-02-15 | CVE-2020-29026 | Path Traversal vulnerability in Secomea products A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. | 6.5 |
| 2021-02-12 | CVE-2021-20651 | Path Traversal vulnerability in Elecom File Manager Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors. | 9.1 |