Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-29 | CVE-2020-12443 | Path Traversal vulnerability in Bigbluebutton BigBlueButton before 2.2.6 allows remote attackers to read arbitrary files because the presfilename (lowercase) value can be a .pdf filename while the presFilename (mixed case) value has a ../ sequence. | 9.8 |
| 2020-04-28 | CVE-2020-12103 | Path Traversal vulnerability in Tiny File Manager Project Tiny File Manager 2.4.1 In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scope in the same directory in which they are stored. | 7.7 |
| 2020-04-28 | CVE-2020-12102 | Path Traversal vulnerability in Tiny File Manager Project Tiny File Manager 2.4.1 In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. | 7.7 |
| 2020-04-27 | CVE-2020-11420 | Path Traversal vulnerability in multiple products UPS Adapter CS141 before 1.90 allows Directory Traversal. | 6.5 |
| 2020-04-24 | CVE-2020-6828 | Path Traversal vulnerability in Mozilla Firefox ESR A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. | 7.5 |
| 2020-04-24 | CVE-2020-12128 | Path Traversal vulnerability in File Transfer Ifamily Project File Transfer Ifamily 2.1 DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal related to the ./etc/ path. | 7.5 |
| 2020-04-23 | CVE-2020-12112 | Path Traversal vulnerability in Bigbluebutton BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File Inclusion. | 7.5 |
| 2020-04-21 | CVE-2020-1699 | Path Traversal vulnerability in multiple products A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. | 7.5 |
| 2020-04-20 | CVE-2017-18824 | Path Traversal vulnerability in Netgear products Certain NETGEAR devices are affected by directory traversal. | 3.3 |
| 2020-04-16 | CVE-2020-11819 | Path Traversal vulnerability in Rukovoditel 2.5.2 In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution. | 9.8 |