Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2020-06-30 CVE-2020-5588 Path Traversal vulnerability in Cybozu Garoon 5.0.0/5.0.1
Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors.
network
low complexity
cybozu CWE-22
4.9
2020-06-30 CVE-2020-5581 Path Traversal vulnerability in Cybozu Garoon
Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors.
network
low complexity
cybozu CWE-22
6.5
2020-06-24 CVE-2020-15026 Path Traversal vulnerability in Bludit 3.12.0
Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php.
network
low complexity
bludit CWE-22
4.9
2020-06-24 CVE-2020-7667 Path Traversal vulnerability in SAS GO RPM Utils
In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading "..", which leads to file extraction outside of the current directory.
network
low complexity
sas CWE-22
7.5
2020-06-23 CVE-2020-7668 Path Traversal vulnerability in Compression and Archive Extensions TZ Project
In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..".
7.5
2020-06-23 CVE-2020-7664 Path Traversal vulnerability in Compression and Archive Extensions Project Compression and Archive Extensions ZIP Project
In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..".
7.5
2020-06-22 CVE-2020-14946 Path Traversal vulnerability in Globalradar BSA Radar 1.6.7234.24750
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files.
network
low complexity
globalradar CWE-22
4.3
2020-06-22 CVE-2020-13158 Path Traversal vulnerability in Articatech Artica Proxy 4.28.030.418/4.28.030418
Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.
network
low complexity
articatech CWE-22
7.5
2020-06-22 CVE-2020-14461 Path Traversal vulnerability in Zyxel Wap6806 Firmware 1.00(Abal.6)C0
Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI.
network
low complexity
zyxel CWE-22
8.6
2020-06-19 CVE-2017-18912 Path Traversal vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7.
network
low complexity
mattermost CWE-22
critical
9.8