Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-04 | CVE-2021-36168 | Path Traversal vulnerability in Fortinet Fortiportal A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.x before 5.3.6 and any FortiPortal before 6.2.5 allows authenticated attacker to disclosure information via crafted GET request with malicious parameter values. | 6.5 |
| 2021-08-04 | CVE-2021-35397 | Path Traversal vulnerability in Drogon A path traversal vulnerability in the static router for Drogon from 1.0.0-beta14 to 1.6.0 could allow an unauthenticated, remote attacker to arbitrarily read files. | 7.5 |
| 2021-08-03 | CVE-2020-19304 | Path Traversal vulnerability in Metinfo 7.0.0 An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows attackers to perform a directory traversal and access sensitive information. | 7.5 |
| 2021-08-03 | CVE-2020-19305 | Path Traversal vulnerability in Metinfo 7.0.0 An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the column is deleted, allowing attackers to escalate privileges. | 9.8 |
| 2021-08-03 | CVE-2021-32016 | Path Traversal vulnerability in Jump-Technology Asset Management 3.6.0.04.0092487 An issue was discovered in JUMP AMS 3.6.0.04.009-2487. | 8.8 |
| 2021-08-03 | CVE-2021-32018 | Path Traversal vulnerability in Jump-Technology Asset Management 3.6.0.04.0092487 An issue was discovered in JUMP AMS 3.6.0.04.009-2487. | 6.5 |
| 2021-08-03 | CVE-2021-32814 | Path Traversal vulnerability in Skytable Skytable is a NoSQL database with automated snapshots and TLS. | 8.1 |
| 2021-08-03 | CVE-2021-36156 | Path Traversal vulnerability in Grafana Loki An issue was discovered in Grafana Loki through 2.2.1. | 5.3 |
| 2021-08-03 | CVE-2021-36157 | Path Traversal vulnerability in Linuxfoundation Cortex An issue was discovered in Grafana Cortex through 1.9.0. | 5.3 |
| 2021-07-31 | CVE-2020-26806 | Path Traversal vulnerability in Objectplanet Opinio admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code. | 8.8 |