Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2021-04-22 CVE-2021-29466 Path Traversal vulnerability in Discord Discord-Recon 0.0.1/0.0.2/0.0.3
Discord-Recon is a bot for the Discord chat service.
network
low complexity
discord CWE-22
7.5
2021-04-20 CVE-2021-20023 Path Traversal vulnerability in Sonicwall Email Security and Hosted Email Security
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host.
network
low complexity
sonicwall CWE-22
4.9
2021-04-19 CVE-2021-27030 Path Traversal vulnerability in Autodesk FBX Review 1.4.0/1.4.1.0/1.5.0
A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX Review, causing it to run arbitrary code on the system.
local
low complexity
autodesk CWE-22
7.8
2021-04-13 CVE-2021-29425 Path Traversal vulnerability in multiple products
In Apache Commons IO before 2.7, when invoking the method FileNameUtils.normalize with an improper input string, like "//../foo" or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
network
high complexity
apache debian oracle netapp CWE-22
4.8
2021-04-12 CVE-2021-22190 Path Traversal vulnerability in Gitlab
A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token.
network
low complexity
gitlab CWE-22
6.5
2021-04-07 CVE-2020-24137 Path Traversal vulnerability in Wcms 0.3.2
Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the path parameter to wex/cssjs.php.
network
low complexity
wcms CWE-22
5.3
2021-04-07 CVE-2020-24136 Path Traversal vulnerability in Wcms 0.3.2
Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the pagename parameter to wex/html.php.
network
low complexity
wcms CWE-22
8.6
2021-04-07 CVE-2021-20692 Path Traversal vulnerability in Eikisoft Archive Collectively Operation Utility
Directory traversal vulnerability in Archive collectively operation utility Ver.2.10.1.0 and earlier allows an attacker to create or overwrite files by leading a user to expand a malicious ZIP archive.
local
low complexity
eikisoft CWE-22
7.1
2021-04-06 CVE-2020-13419 Path Traversal vulnerability in Openiam
OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task.
network
low complexity
openiam CWE-22
5.3
2021-04-06 CVE-2021-28658 Path Traversal vulnerability in multiple products
In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names.
network
low complexity
djangoproject debian fedoraproject CWE-22
5.3