Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-24 | CVE-2020-15928 | Path Traversal vulnerability in Ortussolutions Testbox In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal. | 5.3 |
| 2020-11-23 | CVE-2020-15246 | Path Traversal vulnerability in Octobercms October October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. | 7.5 |
| 2020-11-19 | CVE-2020-13355 | Path Traversal vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14. | 8.1 |
| 2020-11-18 | CVE-2020-28574 | Path Traversal vulnerability in Trendmicro Worry-Free Business Security 10.0 A unauthenticated path traversal arbitrary remote file deletion vulnerability in Trend Micro Worry-Free Business Security 10 SP1 could allow an unauthenticated attacker to exploit the vulnerability and modify or delete arbitrary files on the product's management console. | 7.5 |
| 2020-11-18 | CVE-2020-26078 | Path Traversal vulnerability in Cisco IOT Field Network Director A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. | 6.5 |
| 2020-11-17 | CVE-2020-26405 | Path Traversal vulnerability in Gitlab Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. | 7.1 |
| 2020-11-17 | CVE-2020-27553 | Path Traversal vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. | 7.5 |
| 2020-11-16 | CVE-2020-8271 | Path Traversal vulnerability in Citrix Sd-Wan Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 | 9.8 |
| 2020-11-12 | CVE-2020-27385 | Path Traversal vulnerability in Flexdotnetcms Project Flexdotnetcms Incorrect Access Control in the FileEditor (/Admin/Views/FileEditor/) in FlexDotnetCMS before v1.5.11 allows an authenticated remote attacker to read and write to existing files outside the web root. | 8.1 |
| 2020-11-12 | CVE-2020-12315 | Path Traversal vulnerability in Intel Endpoint Management Assistant 1.3.1/1.3.2/1.3.2.1 Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 9.8 |