Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-16 | CVE-2020-25617 | Path Traversal vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. | 8.8 |
| 2020-12-16 | CVE-2020-5683 | Path Traversal vulnerability in Weseek Growi Directory traversal vulnerability in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier allows remote attackers to alter the data by uploading a specially crafted file. | 7.5 |
| 2020-12-14 | CVE-2020-35460 | Path Traversal vulnerability in multiple products common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations. | 5.3 |
| 2020-12-14 | CVE-2020-5639 | Path Traversal vulnerability in Soliton Filezen Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. | 9.8 |
| 2020-12-12 | CVE-2020-35176 | Path Traversal vulnerability in multiple products In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. | 5.3 |
| 2020-12-11 | CVE-2020-27730 | Path Traversal vulnerability in multiple products In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities. | 9.8 |
| 2020-12-09 | CVE-2020-26837 | Path Traversal vulnerability in SAP Solution Manager 7.20 SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the modification of some configurations and partially compromise availability by making certain services unavailable. | 9.1 |
| 2020-12-08 | CVE-2020-27896 | Path Traversal vulnerability in Apple mac OS X and Macos A path handling issue was addressed with improved validation. | 5.5 |
| 2020-12-08 | CVE-2020-10014 | Path Traversal vulnerability in Apple mac OS X and Macos A parsing issue in the handling of directory paths was addressed with improved path validation. | 6.3 |
| 2020-12-08 | CVE-2020-10010 | Path Traversal vulnerability in Apple products A path handling issue was addressed with improved validation. | 7.8 |