Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2021-03-10 CVE-2021-20669 Path Traversal vulnerability in Weseek Growi
Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read and/or delete an arbitrary path via a specially crafted URL.
network
low complexity
weseek CWE-22
4.7
4.7
2021-03-10 CVE-2021-20668 Path Traversal vulnerability in Weseek Growi
Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read an arbitrary path via a specially crafted URL.
network
low complexity
weseek CWE-22
2.7
2.7
2021-03-07 CVE-2021-26294 Path Traversal vulnerability in Afterlogic Aurora and Webmail PRO
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9.
network
low complexity
afterlogic CWE-22
7.5
7.5
2021-03-06 CVE-2021-26814 Path Traversal vulnerability in Wazuh
Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI.
network
low complexity
wazuh CWE-22
8.8
8.8
2021-03-05 CVE-2021-28042 Path Traversal vulnerability in Deutschepost Mailoptimizer 4.3
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component.
local
low complexity
deutschepost CWE-22
7.8
7.8
2021-03-05 CVE-2020-29134 Path Traversal vulnerability in Totvs Fluig 1.6.4/1.6.5/1.7.0
The TOTVS Fluig platform allows path traversal through the parameter "file = ..
network
low complexity
totvs CWE-22
8.6
8.6
2021-03-04 CVE-2021-26293 Path Traversal vulnerability in Afterlogic Aurora and Webmail PRO
An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled.
network
low complexity
afterlogic CWE-22
critical
 9.8
9.8
2021-03-04 CVE-2021-26028 Path Traversal vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 3.0.0 through 3.9.24.
local
low complexity
joomla CWE-22
5.5
5.5
2021-03-02 CVE-2021-21514 Path Traversal vulnerability in Dell Openmanage Server Administrator
Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability.
network
low complexity
dell CWE-22
4.9
4.9
2021-03-01 CVE-2021-22114 Path Traversal vulnerability in VMWare Spring Integration ZIP
Addresses partial fix in CVE-2018-1263.
network
low complexity
vmware CWE-22
5.3
5.3