Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-25 | CVE-2020-5280 | Path Traversal vulnerability in Typelevel Http4S http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file inclusion vulnerability. | 7.5 |
| 2020-03-25 | CVE-2020-5554 | Path Traversal vulnerability in Shihonkanri Plus Goout Project Shihonkanri Plus Goout 1.5.8/2.2.10 Directory traversal vulnerability in Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers to read and write arbitrary files via unspecified vectors. | 9.1 |
| 2020-03-23 | CVE-2020-10875 | Path Traversal vulnerability in Zebra Fx9500 Firmware Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp. | 7.5 |
| 2020-03-23 | CVE-2020-8865 | Path Traversal vulnerability in multiple products This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. | 6.3 |
| 2020-03-23 | CVE-2020-7478 | Path Traversal vulnerability in Schneider-Electric Interactive Graphical Scada System 14.0/14.0.0.19120 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory exists in IGSS (Versions 14 and prior using the service: IGSSupdate), which could allow a remote unauthenticated attacker to read arbitrary files from the IGSS server PC on an unrestricted or shared network when the IGSS Update Service is enabled. | 7.5 |
| 2020-03-20 | CVE-2019-19486 | Path Traversal vulnerability in Centreon Local File Inclusion in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to traverse paths via a plugin test. | 6.5 |
| 2020-03-19 | CVE-2019-16064 | Path Traversal vulnerability in Netsas Enigma Network Management Solution NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. | 9.6 |
| 2020-03-18 | CVE-2020-9323 | Path Traversal vulnerability in Aquaforest Tiff Server 4.0 Aquaforest TIFF Server 4.0 allows Unauthenticated File and Directory Enumeration via tiffserver/tssp.aspx. | 5.3 |
| 2020-03-18 | CVE-2020-8600 | Path Traversal vulnerability in Trendmicro Worry-Free Business Security 10.0/9.0/9.5 Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability that could allow an attacker to manipulate a key file to bypass authentication. | 9.8 |
| 2020-03-17 | CVE-2018-18576 | Path Traversal vulnerability in Incsub Hustle The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI. | 5.3 |