Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-32062 | Path Traversal vulnerability in multiple products MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and 7.4.x before 7.4.5, and 7.5.x and 7.6.x before 7.6.3 does not properly enforce the MS_MAP_NO_PATH and MS_MAP_PATTERN restrictions that are intended to control the locations from which a mapfile may be loaded (with MapServer CGI). | 5.3 |
| 2021-05-05 | CVE-2021-29101 | Path Traversal vulnerability in Esri Arcgis Geoevent Server 10.8.1 ArcGIS GeoEvent Server versions 10.8.1 and below has a read-only directory path traversal vulnerability that could allow an unauthenticated, remote attacker to perform directory traversal attacks and read arbitrary files on the system. | 7.5 |
| 2021-05-05 | CVE-2020-4993 | Path Traversal vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 when decompressing or verifying signature of zip files processes data in a way that may be vulnerable to path traversal attacks. | 4.9 |
| 2021-05-05 | CVE-2021-29100 | Path Traversal vulnerability in Esri Arcgis Earth A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. | 7.8 |
| 2021-05-05 | CVE-2021-31542 | Path Traversal vulnerability in multiple products In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names. | 7.5 |
| 2021-05-05 | CVE-2021-29246 | Path Traversal vulnerability in Btcpayserver Btcpay Server BTCPay Server through 1.0.7.0 suffers from directory traversal, which allows an attacker with admin privileges to achieve code execution. | 6.7 |
| 2021-05-05 | CVE-2021-31800 | Path Traversal vulnerability in multiple products Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. | 9.8 |
| 2021-04-30 | CVE-2020-4039 | Path Traversal vulnerability in Fossasia Susi.Ai SUSI.AI is an intelligent Open Source personal assistant. | 9.1 |
| 2021-04-30 | CVE-2021-28959 | Path Traversal vulnerability in Zohocorp Manageengine Eventlog Analyzer Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory traversal via an entry in a ZIP archive. | 9.8 |
| 2021-04-30 | CVE-2020-18070 | Path Traversal vulnerability in Idreamsoft Icms 7.0.13 Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php". | 9.1 |