Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2020-06-19 CVE-2019-20851 Path Traversal vulnerability in Mattermost
An issue was discovered in Mattermost Mobile Apps before 1.26.0.
network
low complexity
mattermost CWE-22
critical
9.1
2020-06-19 CVE-2020-14452 Path Traversal vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 5.21.0.
network
low complexity
mattermost CWE-22
5.3
2020-06-19 CVE-2020-5590 Path Traversal vulnerability in Ec-Cube
Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3 allows remote authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors.
network
low complexity
ec-cube CWE-22
8.1
2020-06-18 CVE-2020-3241 Path Traversal vulnerability in Cisco UCS Director
A vulnerability in the orchestration tasks of Cisco UCS Director could allow an authenticated, remote attacker to perform a path traversal attack on an affected device.
network
low complexity
cisco CWE-22
6.5
2020-06-18 CVE-2020-3236 Path Traversal vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files.
local
low complexity
cisco CWE-22
6.7
2020-06-17 CVE-2020-12827 Path Traversal vulnerability in Mjml
MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document.
network
low complexity
mjml CWE-22
7.2
2020-06-16 CVE-2020-7497 Path Traversal vulnerability in Schneider-Electric Ecostruxure Operator Terminal Expert 3.0/3.1
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause arbitrary application execution when the computer starts.
network
low complexity
schneider-electric CWE-22
critical
9.8
2020-06-16 CVE-2020-7495 Path Traversal vulnerability in Schneider-Electric Ecostruxure Operator Terminal Expert 3.0/3.1
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability during zip file extraction exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause unauthorized write access outside of expected path folder when opening the project file.
local
low complexity
schneider-electric CWE-22
5.5
2020-06-16 CVE-2020-7494 Path Traversal vulnerability in Schneider-Electric Ecostruxure Operator Terminal Expert 3.0/3.1
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file.
local
low complexity
schneider-electric CWE-22
7.8
2020-06-15 CVE-2020-12003 Path Traversal vulnerability in Rockwellautomation Factorytalk Linx and Rslinx Classic
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior, Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later, Studio 5000 Logix Designer software: Version 32 and prior are vulnerable.
network
low complexity
rockwellautomation CWE-22
7.5