Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE | CVE | VULNERABILITY TITLE | RISK

2020-05-07 | CVE-2019-18871 | Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0
A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution.
Risk: 8.8 (network, low complexity)
Tags: blaauwproducts, CWE-22

2020-05-07 | CVE-2019-18870 | Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0
A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine.
Risk: 6.5 (network, low complexity)
Tags: blaauwproducts, CWE-22

2020-05-06 | CVE-2020-3187 | Path Traversal vulnerability in Cisco products
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system.
Risk: critical 9.1 (network, low complexity)
Tags: cisco, CWE-22

2020-05-05 | CVE-2020-10859 | Path Traversal vulnerability in Zohocorp Manageengine Desktop Central
Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request.
Risk: 6.5 (network, low complexity)
Tags: zohocorp, CWE-22

2020-05-05 | CVE-2020-10634 | Path Traversal vulnerability in Sae-It Net-Line Fw-50 Firmware
SAE IT-systems FW-50 Remote Telemetry Unit (RTU).
Risk: critical 9.1 (network, low complexity)
Tags: sae-it, CWE-22

2020-05-05 | CVE-2020-12649 | Path Traversal vulnerability in Gurbalib Project Gurbalib 20200430
Gurbalib through 2020-04-30 allows lib/cmds/player/help.c directory traversal for reading administrative paths.
Risk: 7.5 (network, low complexity)
Tags: gurbalib-project, CWE-22

2020-05-04 | CVE-2020-12640 | Path Traversal vulnerability in multiple products
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.
Risk: critical 9.8 (network, low complexity)
Tags: roundcube, opensuse, CWE-22

2020-05-04 | CVE-2020-4209 | Path Traversal vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system.
Risk: 5.4 (network, low complexity)
Tags: ibm, CWE-22

2020-05-04 | CVE-2020-12475 | Path Traversal vulnerability in Tp-Link Omada Controller 3.2.6
TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar.
Risk: 5.5 (local, low complexity)
Tags: tp-link, CWE-22

2020-05-04 | CVE-2020-1631 | Path Traversal vulnerability in Juniper Junos
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal.
Risk: critical 9.8 (network, low complexity)
Tags: juniper, CWE-22