Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-05 | CVE-2020-12147 | Path Traversal vulnerability in Silver-Peak Unity Orchestrator In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing. | 8.8 |
| 2020-11-05 | CVE-2020-12146 | Path Traversal vulnerability in Silver-Peak Unity Orchestrator In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can access, modify, and delete restricted files on the Orchestrator server using the/debugFiles REST API. | 8.8 |
| 2020-11-02 | CVE-2020-9368 | Path Traversal vulnerability in Oleacorner Olea Gift on Order 5.0.8 The Module Olea Gift On Order module through 5.0.8 for PrestaShop enables an unauthenticated user to read arbitrary files on the server via getfile.php?file=/.. | 7.5 |
| 2020-10-31 | CVE-2020-15703 | Path Traversal vulnerability in Aptdaemon Project Aptdaemon 1.1.1 There is no input validation on the Locale property in an apt transaction. | 3.3 |
| 2020-10-29 | CVE-2020-25780 | Path Traversal vulnerability in Commvault Commcell 11.22/11.22.22 In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder. | 7.5 |
| 2020-10-29 | CVE-2020-27993 | Path Traversal vulnerability in Hrsale 2.0.0 Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files. | 5.3 |
| 2020-10-28 | CVE-2020-24990 | Path Traversal vulnerability in QSC Q-Sys Core Manager 8.2.1 An issue was discovered in QSC Q-SYS Core Manager 8.2.1. | 7.5 |
| 2020-10-28 | CVE-2020-4782 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2020-10-28 | CVE-2020-8254 | Path Traversal vulnerability in Pulsesecure Pulse Secure Desktop Client A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. | 8.8 |
| 2020-10-27 | CVE-2020-9782 | Path Traversal vulnerability in Apple mac OS X A parsing issue in the handling of directory paths was addressed with improved path validation. | 7.5 |