Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-07 | CVE-2020-12448 | Path Traversal vulnerability in Gitlab GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet. | 5.3 |
| 2020-05-07 | CVE-2020-11431 | Path Traversal vulnerability in Inetsoftware Clear Reports, Helpdesk and Pdfc The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal. | 9.1 |
| 2020-05-07 | CVE-2020-8983 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. | 7.5 |
| 2020-05-07 | CVE-2020-8982 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. | 7.5 |
| 2020-05-07 | CVE-2020-7473 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. | 7.5 |
| 2020-05-07 | CVE-2019-18871 | Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0 A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution. | 8.8 |
| 2020-05-07 | CVE-2019-18870 | Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0 A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine. | 6.5 |
| 2020-05-06 | CVE-2020-3187 | Path Traversal vulnerability in Cisco products A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. | 9.1 |
| 2020-05-05 | CVE-2020-10859 | Path Traversal vulnerability in Zohocorp Manageengine Desktop Central Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request. | 6.5 |
| 2020-05-05 | CVE-2020-10634 | Path Traversal vulnerability in Sae-It Net-Line Fw-50 Firmware SAE IT-systems FW-50 Remote Telemetry Unit (RTU). | 9.1 |