Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-07 | CVE-2020-12116 | Path Traversal vulnerability in Zohocorp Manageengine Opmanager Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request. | 7.5 |
| 2020-05-07 | CVE-2020-5744 | Path Traversal vulnerability in Tecnick Tcexam 14.2.2 Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated attacker to read the contents of arbitrary files on disk. | 4.9 |
| 2020-05-07 | CVE-2020-12448 | Path Traversal vulnerability in Gitlab GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet. | 5.3 |
| 2020-05-07 | CVE-2020-11431 | Path Traversal vulnerability in Inetsoftware Clear Reports, Helpdesk and Pdfc The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal. | 9.1 |
| 2020-05-07 | CVE-2020-8983 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. | 7.5 |
| 2020-05-07 | CVE-2020-8982 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. | 7.5 |
| 2020-05-07 | CVE-2020-7473 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. | 7.5 |
| 2020-05-07 | CVE-2019-18871 | Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0 A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution. | 8.8 |
| 2020-05-07 | CVE-2019-18870 | Path Traversal vulnerability in Blaauwproducts Remote Kiln Control 3.0.0 A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine. | 6.5 |
| 2020-05-06 | CVE-2020-3187 | Path Traversal vulnerability in Cisco products A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. | 9.1 |