Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-24 | CVE-2021-21001 | Path Traversal vulnerability in Wago products On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges. | 6.5 |
| 2021-05-24 | CVE-2021-33497 | Path Traversal vulnerability in Dutchcoders Transfer.Sh Dutchcoders transfer.sh before 1.2.4 allows Directory Traversal for deleting files. | 9.1 |
| 2021-05-21 | CVE-2020-23766 | Path Traversal vulnerability in Htmly 2.7.5 An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote attackers to use any absolute path to delete any file in the server should they gain Administrator privileges. | 6.5 |
| 2021-05-21 | CVE-2021-32633 | Path Traversal vulnerability in multiple products Zope is an open-source web application server. | 8.8 |
| 2021-05-21 | CVE-2021-28798 | Path Traversal vulnerability in Qnap QTS and Quts Hero A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. | 7.5 |
| 2021-05-20 | CVE-2020-21055 | Path Traversal vulnerability in Fusionpbx 4.5.7 A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the (1) folder, (2) filename, and (3) newfilename variables in app\edit\filerename.php. | 6.5 |
| 2021-05-20 | CVE-2020-21056 | Path Traversal vulnerability in Fusionpbx 4.5.7 Directory Traversal vulnerability exists in FusionPBX 4.5.7, which allows a remote malicious user to create folders via the folder variale to app\edit\foldernew.php. | 4.3 |
| 2021-05-20 | CVE-2020-21057 | Path Traversal vulnerability in Fusionpbx 4.5.7 Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a remote malicious user to delete folders on the system via the folder variable to app/edit/folderdelete.php. | 8.1 |
| 2021-05-20 | CVE-2020-35580 | Path Traversal vulnerability in Searchblox A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. | 7.5 |
| 2021-05-20 | CVE-2021-3426 | Path Traversal vulnerability in multiple products There's a flaw in Python 3's pydoc. | 5.7 |